From 2b0bbd3e62e70e836a3576addf8b28285a39ea6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20H=C3=BClkenberg?= Date: Wed, 3 Aug 2022 14:44:11 +0200 Subject: [PATCH 1/2] Apply megalinter autofixes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Simon HΓΌlkenberg --- .codeclimate.yml | 2 +- .github/release-drafter.yml | 56 +- .github/workflows/helm-docs.yaml | 2 +- .github/workflows/release-tweet.yaml | 2 +- .mega-linter.yml | 2 +- .../parser/__testFiles__/empty.json | 3 +- .../parser/__testFiles__/example.com.json | 4 +- .../new-scanner-parse-definition.yaml | 15 +- auto-discovery/kubernetes/.vscode/launch.json | 46 +- auto-discovery/kubernetes/.vscode/tasks.json | 23 +- .../kubernetes/config/crd/kustomization.yaml | 4 +- .../config/crd/kustomizeconfig.yaml | 24 +- .../config/default/kustomization.yaml | 20 +- .../default/manager_auth_proxy_patch.yaml | 20 +- .../config/default/manager_config_patch.yaml | 20 +- .../config/manager/kustomization.yaml | 8 +- .../kubernetes/config/manager/manager.yaml | 50 +- .../config/prometheus/kustomization.yaml | 2 +- .../rbac/auth_proxy_client_clusterrole.yaml | 8 +- .../config/rbac/auth_proxy_role.yaml | 24 +- .../config/rbac/auth_proxy_role_binding.yaml | 6 +- .../config/rbac/auth_proxy_service.yaml | 6 +- .../rbac/autodiscoveryconfig_editor_role.yaml | 36 +- .../rbac/autodiscoveryconfig_viewer_role.yaml | 28 +- .../kubernetes/config/rbac/kustomization.yaml | 34 +- .../config/rbac/leader_election_role.yaml | 62 +- .../rbac/leader_election_role_binding.yaml | 6 +- .../kubernetes/config/rbac/role_binding.yaml | 6 +- .../container_scan_controller_test.go | 2 +- .../controllers/service_scan_controller.go | 4 +- .../kubernetes/demo/install-dependencies.sh | 8 +- .../rbac/leader_election_role_binding.yaml | 6 +- .../templates/rbac/role_binding.yaml | 6 +- bin/add-license-header.sh | 14 +- bin/install-minikube.sh | 6 +- bin/install.sh | 89 +- bin/minio-port-forward.sh | 18 +- bin/npm-audit-fix-all.sh | 4 +- bin/npm-check-updates.sh | 11 +- bin/uninstall.sh | 4 +- .../bodgeit/container/docker-compose.yml | 4 +- demo-targets/bodgeit/templates/service.yaml | 15 +- demo-targets/bodgeit/values.yaml | 12 +- demo-targets/dummy-ssh/templates/service.yaml | 15 +- demo-targets/dummy-ssh/values.yaml | 9 +- .../http-webhook/container/docker-compose.yml | 14 +- .../http-webhook/templates/service.yaml | 15 +- demo-targets/http-webhook/values.yaml | 12 +- .../juice-shop/container/docker-compose.yml | 2 +- .../juice-shop/templates/service.yaml | 15 +- demo-targets/juice-shop/values.yaml | 15 +- .../old-joomla/templates/service.yaml | 12 +- demo-targets/old-joomla/values.yaml | 14 +- demo-targets/old-typo3/templates/service.yaml | 12 +- demo-targets/old-typo3/values.yaml | 14 +- .../old-wordpress/templates/service.yaml | 15 +- demo-targets/old-wordpress/values.yaml | 9 +- .../container/docker-compose.yml | 2 +- .../swagger-petstore/templates/service.yaml | 15 +- demo-targets/swagger-petstore/values.yaml | 12 +- .../unsafe-https/templates/service.yaml | 15 +- demo-targets/unsafe-https/values.yaml | 9 +- .../vulnerable-log4j/templates/service.yaml | 15 +- demo-targets/vulnerable-log4j/values.yaml | 9 +- hook-sdk/nodejs/package.json | 2 +- hooks/cascading-scans/Chart.yaml | 1 - hooks/cascading-scans/hook/scope-limiter.ts | 4 +- .../templates/role-binding.yaml | 2 +- hooks/cascading-scans/templates/role.yaml | 2 +- .../templates/service-account.yaml | 2 +- hooks/generic-webhook/values.yaml | 4 +- .../hook/__testfiles__/trello.json | 16 +- hooks/notification/hook/package.json | 2 +- hooks/notification/templates/configmap.yaml | 5 +- hooks/notification/values.yaml | 1 - hooks/persistence-azure-monitor/Chart.yaml | 2 +- hooks/persistence-azure-monitor/hook/hook.js | 2 +- .../hook/package-lock.json | 14046 +++---- .../hook/package.json | 80 +- ...efectDojoFindingToSecureCodeBoxMapper.java | 2 +- .../VersionedEngagementsStrategy.java | 2 +- .../hook/src/main/resources/application.yaml | 16 +- .../resources/kubehunter-dd-findings.json | 12 +- .../dashboards/daily-summary.json | 2 +- .../dashboards/nikto-overview.json | 2 +- .../dashboards/portscan-overview.json | 2 +- .../dashboards/ssh-overview.json | 66 +- .../dashboards/subdomain-overview.json | 6 +- .../dashboards/tls-ssl-overview.json | 6 +- .../dashboards/wordpress-overview.json | 2 +- .../dashboards/zap-overview.json | 2 +- .../dashboard-importer/export-dashboards.sh | 2 +- .../dashboard-importer/import-dashboards.sh | 16 +- operator/Chart.yaml | 2 +- operator/Dockerfile | 2 +- operator/config/crd/kustomization.yaml | 14 +- operator/config/crd/kustomizeconfig.yaml | 24 +- operator/config/default/kustomization.yaml | 14 +- .../default/manager_auth_proxy_patch.yaml | 32 +- .../config/default/manager_config_patch.yaml | 20 +- operator/config/manager/kustomization.yaml | 8 +- operator/config/manager/manager.yaml | 54 +- operator/config/prometheus/kustomization.yaml | 2 +- .../rbac/auth_proxy_client_clusterrole.yaml | 8 +- operator/config/rbac/auth_proxy_role.yaml | 24 +- .../config/rbac/auth_proxy_role_binding.yaml | 6 +- operator/config/rbac/auth_proxy_service.yaml | 6 +- .../rbac/cascadingrule_editor_role.yaml | 36 +- .../rbac/cascadingrule_viewer_role.yaml | 28 +- operator/config/rbac/kustomization.yaml | 34 +- .../config/rbac/leader_election_role.yaml | 62 +- .../rbac/leader_election_role_binding.yaml | 6 +- .../rbac/parsedefinition_editor_role.yaml | 36 +- .../rbac/parsedefinition_viewer_role.yaml | 28 +- operator/config/rbac/role_binding.yaml | 6 +- operator/config/rbac/scan_editor_role.yaml | 36 +- operator/config/rbac/scan_viewer_role.yaml | 28 +- .../rbac/scancompletionhook_editor_role.yaml | 36 +- .../rbac/scancompletionhook_viewer_role.yaml | 28 +- .../config/rbac/scantype_editor_role.yaml | 36 +- .../config/rbac/scantype_viewer_role.yaml | 28 +- .../rbac/scheduledscan_editor_role.yaml | 36 +- .../rbac/scheduledscan_viewer_role.yaml | 28 +- .../execution/scans/parse_reconciler.go | 2 +- .../execution/scans/scan_reconciler.go | 2 +- ...ading.securecodebox.io_cascadingrules.yaml | 8537 ++-- ...ion.securecodebox.io_parsedefinitions.yaml | 5335 +-- ....securecodebox.io_scancompletionhooks.yaml | 5385 +-- .../execution.securecodebox.io_scans.yaml | 8374 ++-- .../execution.securecodebox.io_scantypes.yaml | 16747 ++++---- ...ution.securecodebox.io_scheduledscans.yaml | 8609 ++-- operator/internal/telemetry/telemetry.go | 2 +- operator/templates/rbac/auth_proxy_role.yaml | 16 +- .../rbac/auth_proxy_role_binding.yaml | 7 +- .../templates/rbac/auth_proxy_service.yaml | 8 +- .../templates/rbac/leader_election_role.yaml | 62 +- .../rbac/leader_election_role_binding.yaml | 6 +- .../rbac/parsedefinition_editor_role.yaml | 36 +- .../rbac/parsedefinition_viewer_role.yaml | 28 +- operator/templates/rbac/role_binding.yaml | 6 +- operator/templates/rbac/scan_editor_role.yaml | 36 +- operator/templates/rbac/scan_viewer_role.yaml | 28 +- .../templates/rbac/scantype_editor_role.yaml | 36 +- .../templates/rbac/scantype_viewer_role.yaml | 28 +- .../rbac/scheduledscan_editor_role.yaml | 36 +- .../rbac/scheduledscan_viewer_role.yaml | 28 +- operator/templates/rbac/serviceaccount.yaml | 8 +- operator/values.yaml | 2 +- parser-sdk/nodejs/findings-schema.json | 15 +- parser-sdk/nodejs/package.json | 2 +- scanners/amass/parser/parser.test.js | 2 +- scanners/amass/templates/amass-scan-type.yaml | 2 +- .../scanner/acstis-script.py | 161 +- .../angularjs-csti-scanner/scanner/wrapper.sh | 8 +- .../cmseek/cascading-rules/scan-joomla.yaml | 2 +- .../examples/demo-old-joomla/findings.yaml | 55 +- .../cmseek/examples/demo-old-joomla/scan.yaml | 2 +- .../__testFiles__/joomla_with_core_vulns.json | 84 +- .../joomla_without_core_vulns.json | 18 +- .../parser/__testFiles__/not_joomla.json | 14 +- scanners/cmseek/scanner/wrapper.sh | 7 +- .../github-secureCodeBox-scan/findings.yaml | 955 +- .../parser/__testFiles__/empty-findings.json | 3 +- .../scanner/git_repo_scanner/__main__.py | 179 +- .../git_repo_scanner/abstract_scanner.py | 59 +- .../git_repo_scanner/github_scanner.py | 112 +- .../git_repo_scanner/gitlab_scanner.py | 95 +- .../scanner/tests/git_repo_scanner_test.py | 365 +- .../examples/private-repository/scan.yaml | 4 +- .../examples/secureCodeBox/findings.json | 2 +- .../gitleaks/examples/secureCodeBox/scan.yaml | 4 +- .../parser/__testFiles__/test-report.json | 2 +- .../examples/in-cluster/findings.yaml | 151 +- .../integration-tests/kube-hunter.test.js | 2 +- .../kind-1.18-in-cluster-scan.json | 77 +- scanners/kube-hunter/parser/parser.js | 2 +- .../ncrack/cascading-rules/crack-ftp.yaml | 3 +- .../ncrack/cascading-rules/crack-mssql.yaml | 2 +- .../ncrack/cascading-rules/crack-mysql.yaml | 2 +- .../cascading-rules/crack-postgresql.yaml | 2 +- .../ncrack/cascading-rules/crack-rdp.yaml | 2 +- .../ncrack/cascading-rules/crack-smb.yaml | 2 +- .../ncrack/cascading-rules/crack-ssh.yaml | 2 +- .../ncrack/cascading-rules/crack-telnet.yaml | 2 +- .../ncrack/cascading-rules/crack-vnc.yaml | 2 +- .../nikto/examples/demo-bodgeit/findings.yaml | 2 +- .../examples/demo-bodgeit/nikto-results.json | 156 +- .../nikto/examples/demo-bodgeit/scan.yaml | 18 +- .../demo-docs.securecodebox.io/scan.yaml | 16 +- .../demo-juice-shop/nikto-results.json | 1921 +- .../nikto/examples/demo-juice-shop/scan.yaml | 18 +- .../__testFiles__/docs.securecodebox.io.json | 30 +- .../parser/__testFiles__/juice-shop.json | 1921 +- .../__testFiles__/unresolvable-host.json | 15 +- .../nmap/examples/basic-example/findings.yaml | 232 +- .../example-with-parameters/findings.yaml | 76 +- scanners/nmap/parser/parser.js | 2 +- .../cascading-rules/subdomain_http.yaml | 2 +- scanners/nuclei/values.yaml | 4 +- scanners/screenshooter/scanner/wrapper.sh | 2 +- .../vulnerable-flask-app/findings.yaml | 200 +- .../examples/vulnerable-flask-app/scan.yaml | 2 +- .../semgrep-findings.json | 40 +- .../semgrep/integration-tests/testfile.py | 14 +- .../__testFiles__/minimal-metadata.json | 112 +- .../python-injection-multiresult.json | 392 +- .../__testFiles__/python-injection.json | 4 +- scanners/semgrep/parser/package.json | 2 +- scanners/semgrep/values.yaml | 4 +- .../examples/demo-app-ssh/findings.yaml | 232 +- .../demo-app-ssh/ssh-scan-results.json | 35 +- .../ssh-scan/examples/localhost/findings.yaml | 12284 ++---- .../parser/__testFiles__/192.168.42.42.json | 31 +- .../parser/__testFiles__/local-network.json | 12274 ++---- .../parser/__testFiles__/localhost.json | 54 +- .../__testFiles__/securecodebox.io.json | 34 +- scanners/sslyze/cascading-rules/ftps.yaml | 4 +- scanners/sslyze/cascading-rules/https.yaml | 3 +- scanners/sslyze/cascading-rules/ldaps.yaml | 4 +- scanners/sslyze/cascading-rules/mail.yaml | 9 +- .../__testFiles__/expired.badssl.com.json | 9621 +++-- .../parser/__testFiles__/google.com.json | 20122 ++++----- .../mixed-connectivity-result.json | 412 +- .../__testFiles__/revoked.badssl.com.json | 12536 +++--- .../__testFiles__/self-signed.badssl.com.json | 9199 +++-- .../tls-v1-0.badssl.com_1010.json | 12991 +++--- .../__testFiles__/unavailable-host.json | 60 +- .../untrusted-root.badssl.com.json | 9431 +++-- .../__testFiles__/wrong.host.badssl.com.json | 12991 +++--- .../__testFiles__/www.securecodebox.io.json | 12067 +++--- scanners/trivy/examples/filesystem/scan.yaml | 2 +- .../examples/image-juice-shop/findings.yaml | 390 +- .../examples/image-mediawiki/findings.yaml | 33573 ++++++++-------- .../__testFiles__/juice-shop-v10.2.0.json | 292 +- .../__testFiles__/juice-shop-v12.10.2.json | 1934 +- .../__testFiles__/securecodebox-repo.json | 58 +- .../typo3scan/examples/example.com/scan.yaml | 2 +- .../parser/__testFiles__/localhost.json | 858 +- .../localhost_vuln_extensions.json | 898 +- .../examples/example.com/findings.yaml | 49 +- .../parser/__testFiles__/example.com.json | 13 +- .../parser/__testFiles__/no-address.com.json | 3 +- .../__testFiles__/securecodebox.io.json | 57 +- .../parser/__testFiles__/two-domains.json | 35 +- .../wpscan/examples/example.com/findings.yaml | 272 +- .../examples/old-wordpress/findings.yaml | 105 +- .../old-wordpress/wpscan-results.json | 55 +- .../parser/__testFiles__/empty-localhost.json | 3 +- .../parser/__testFiles__/example-latest.json | 370 +- .../parser/__testFiles__/example-old.json | 391 +- .../__testFiles__/no-version-detected.json | 289 +- scanners/wpscan/scanner/wrapper.sh | 9 +- .../demo-bodgeit-scan-authenticated/scan.yaml | 2 +- .../scan.yaml | 1 - .../scan.yaml | 2 +- .../scan.yaml | 1 - .../scanner/docker-compose.demo-apps.yaml | 10 +- .../scanner/docker-compose.test.yaml | 36 +- .../zap-advanced/scanner/docker-compose.yaml | 67 +- .../1_zap-advanced-scan-config.yaml | 74 +- .../1_zap-advanced-scan-type-config.yaml | 2 +- .../2_zap-advanced-scan-type-secret.yaml | 2 +- .../2_zap-advanced-scan-config.yaml | 1 - .../global/1_zap-advanced-scan-config.yaml | 14 +- .../1_zap-advanced-scan-config.yaml | 12 +- .../1_zap-advanced-scan-config.yaml | 18 +- .../1_zap-advanced-scan-config.yaml | 18 +- .../1_zap-advanced-scan-config.yaml | 10 +- .../1_zap-advanced-scan-config.yaml | 12 +- .../tests/test_integration_docker_local.py | 98 +- .../tests/test_integration_zap_local.py | 130 +- .../scanner/tests/test_zap_configuration.py | 66 +- .../scanner/tests/test_zap_context.py | 11 +- .../scanner/tests/test_zap_scanner_active.py | 17 +- .../scanner/tests/test_zap_spider_ajax.py | 15 +- .../scanner/tests/test_zap_spider_http.py | 15 +- .../scanner/zapclient/__init__.py | 4 +- .../scanner/zapclient/__main__.py | 141 +- .../scanner/zapclient/api/__init__.py | 4 +- .../scanner/zapclient/api/zap_api.py | 88 +- .../zapclient/configuration/__init__.py | 2 +- .../configuration/helpers/__init__.py | 2 +- .../zap_configuration_context_users.py | 6 +- .../configuration/zap_configuration.py | 56 +- .../scanner/zapclient/context/__init__.py | 4 +- .../scanner/zapclient/context/zap_context.py | 298 +- .../context/zap_context_authentication.py | 152 +- .../scanner/zapclient/scanner/__init__.py | 2 +- .../zapclient/scanner/zap_abstract_scanner.py | 36 +- .../zapclient/scanner/zap_scanner_active.py | 210 +- .../scanner/zapclient/settings/__init__.py | 4 +- .../zapclient/settings/zap_settings.py | 188 +- .../scanner/zapclient/spider/__init__.py | 4 +- .../zapclient/spider/zap_abstract_spider.py | 77 +- .../zapclient/spider/zap_spider_ajax.py | 127 +- .../zapclient/spider/zap_spider_http.py | 230 +- .../scanner/zapclient/zap_abstract_client.py | 165 +- .../scanner/zapclient/zap_automation.py | 138 +- scanners/zap-advanced/values.yaml | 7 +- .../demo-bodgeit-baseline-scan/findings.yaml | 2722 +- .../demo-bodgeit-full-scan/findings.yaml | 5984 +-- .../examples/demo-bodgeit-full-scan/scan.yaml | 2 +- .../findings.yaml | 2442 +- .../demo-juice-shop-baseline-scan/scan.yaml | 2 +- .../demo-juice-shop-full-scan/findings.yaml | 5010 +-- .../demo-juice-shop-full-scan/scan.yaml | 4 +- .../demo-petstore-api-scan/findings.yaml | 1200 +- .../zap/parser/__testFiles__/juice-shop.xml | 2 +- tests/integration/package.json | 2 +- 309 files changed, 127849 insertions(+), 133093 deletions(-) diff --git a/.codeclimate.yml b/.codeclimate.yml index 6f54571880..14dc48d9cc 100644 --- a/.codeclimate.yml +++ b/.codeclimate.yml @@ -47,7 +47,7 @@ exclude_patterns: - "**/*.test.js" - "**/*.test.ts" - "**/*.d.ts" - # Generated + # Generated - "**/hooks/cascading-scans/scan-helpers.js" - "**/hooks/cascading-scans/hook.js" # Auto Generated by kubernetes java client diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index e126ed3a5d..8914e74bbe 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -2,34 +2,34 @@ # # SPDX-License-Identifier: Apache-2.0 -name-template: 'v$NEXT_PATCH_VERSION' -tag-template: 'v$NEXT_PATCH_VERSION' +name-template: "v$NEXT_PATCH_VERSION" +tag-template: "v$NEXT_PATCH_VERSION" categories: - - title: 'πŸ’£ Breaking' - label: 'breaking' - - title: 'πŸš€ Features' - label: 'enhancement' - - title: 'πŸš“ Security Scanner' - label: 'scanner' - - title: 'βš“οΈ Hooks' - label: 'hook' - - title: 'πŸ› Bug Fixes' - label: 'bug' - - title: 'πŸ§ͺ Test' - labels: - - 'test' - - 'testing' - - title: 'πŸ“š Documentation' - labels: - - 'docs' - - 'documentation' - - title: 'πŸ”§ Maintenance' - label: 'maintenance' - - title: 'πŸ“Œ Dependencies' - label: 'dependencies' -change-template: '- $TITLE @$AUTHOR (#$NUMBER)' + - title: "πŸ’£ Breaking" + label: "breaking" + - title: "πŸš€ Features" + label: "enhancement" + - title: "πŸš“ Security Scanner" + label: "scanner" + - title: "βš“οΈ Hooks" + label: "hook" + - title: "πŸ› Bug Fixes" + label: "bug" + - title: "πŸ§ͺ Test" + labels: + - "test" + - "testing" + - title: "πŸ“š Documentation" + labels: + - "docs" + - "documentation" + - title: "πŸ”§ Maintenance" + label: "maintenance" + - title: "πŸ“Œ Dependencies" + label: "dependencies" +change-template: "- $TITLE @$AUTHOR (#$NUMBER)" exclude-labels: - - 'skip-changelog' + - "skip-changelog" template: | ## Changes This release contains the following changes πŸŽ‰. Help spread the word or leave a GitHub star if you like it πŸ˜‰ @@ -37,11 +37,11 @@ template: | ![GitHub commits since tagged version](https://img.shields.io/github/commits-since/secureCodeBox/secureCodeBox/$PREVIOUS_TAG) ![GitHub Repo stars](https://img.shields.io/github/stars/secureCodeBox/secureCodeBox?style=social) ![Twitter URL](https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2FsecureCodeBox%2FsecureCodeBox%2Freleases%2Ftag%2Flatest) $CHANGES - + ## Distribution [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/secureCodeBox)](https://artifacthub.io/packages/search?repo=securecodebox) [![Docker Hub](https://img.shields.io/badge/Docker%20Hub-secureCodeBox-blue?style=flat&logo=docker&color=lightblue&labelColor=blue&logoColor=white)](https://hub.docker.com/u/securecodebox) - + ## Contributors Thanks to all our contributors supporting this project πŸ€— $CONTRIBUTORS diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml index 10733f5d00..dc0b997666 100644 --- a/.github/workflows/helm-docs.yaml +++ b/.github/workflows/helm-docs.yaml @@ -68,4 +68,4 @@ jobs: commit_user_email: securecodebox@iteratec.com # Optional. Used by `git-commit`. # See https://git-scm.com/docs/git-commit#_options - commit_options: '--signoff' + commit_options: "--signoff" diff --git a/.github/workflows/release-tweet.yaml b/.github/workflows/release-tweet.yaml index f7b990f32b..75a669d615 100644 --- a/.github/workflows/release-tweet.yaml +++ b/.github/workflows/release-tweet.yaml @@ -5,7 +5,7 @@ name: "Tweet about release" on: release: - types: [ released ] + types: [released] jobs: build: runs-on: ubuntu-latest diff --git a/.mega-linter.yml b/.mega-linter.yml index d22ae6a30c..dfd44b4f8b 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -24,4 +24,4 @@ VALIDATE_ALL_CODEBASE: false IGNORE_GENERATED_FILES: true # disable useless alpaca ascii art that gets printed at the start of the linting -PRINT_ALPACA: false \ No newline at end of file +PRINT_ALPACA: false diff --git a/.templates/new-scanner/parser/__testFiles__/empty.json b/.templates/new-scanner/parser/__testFiles__/empty.json index 0d4f101c7a..fe51488c70 100644 --- a/.templates/new-scanner/parser/__testFiles__/empty.json +++ b/.templates/new-scanner/parser/__testFiles__/empty.json @@ -1,2 +1 @@ -[ -] +[] diff --git a/.templates/new-scanner/parser/__testFiles__/example.com.json b/.templates/new-scanner/parser/__testFiles__/example.com.json index 2a7fbcca4f..f35a00d803 100644 --- a/.templates/new-scanner/parser/__testFiles__/example.com.json +++ b/.templates/new-scanner/parser/__testFiles__/example.com.json @@ -1,3 +1 @@ -[ -{"target":"http://example.com"} -] +[{ "target": "http://example.com" }] diff --git a/.templates/new-scanner/templates/new-scanner-parse-definition.yaml b/.templates/new-scanner/templates/new-scanner-parse-definition.yaml index bcb771f319..690ea3f156 100644 --- a/.templates/new-scanner/templates/new-scanner-parse-definition.yaml +++ b/.templates/new-scanner/templates/new-scanner-parse-definition.yaml @@ -8,13 +8,10 @@ metadata: name: "new-scanner-json" spec: image: "{{ .Values.parser.image.repository }}:{{ .Values.parser.image.tag | default .Chart.Version }}" - imagePullPolicy: {{ .Values.parser.image.pullPolicy }} - ttlSecondsAfterFinished: {{ .Values.parser.ttlSecondsAfterFinished }} - env: - {{- toYaml .Values.parser.env | nindent 4 }} + imagePullPolicy: { { .Values.parser.image.pullPolicy } } + ttlSecondsAfterFinished: { { .Values.parser.ttlSecondsAfterFinished } } + env: { { - toYaml .Values.parser.env | nindent 4 } } scopeLimiterAliases: - {{- toYaml .Values.parser.scopeLimiterAliases | nindent 4 }} - affinity: - {{- toYaml .Values.parser.affinity | nindent 4 }} - tolerations: - {{- toYaml .Values.parser.tolerations | nindent 4 }} + { { - toYaml .Values.parser.scopeLimiterAliases | nindent 4 } } + affinity: { { - toYaml .Values.parser.affinity | nindent 4 } } + tolerations: { { - toYaml .Values.parser.tolerations | nindent 4 } } diff --git a/auto-discovery/kubernetes/.vscode/launch.json b/auto-discovery/kubernetes/.vscode/launch.json index ef03444007..577b93e76e 100644 --- a/auto-discovery/kubernetes/.vscode/launch.json +++ b/auto-discovery/kubernetes/.vscode/launch.json @@ -1,26 +1,26 @@ { - // Use IntelliSense to learn about possible attributes. - // Hover to view descriptions of existing attributes. - // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 - "version": "0.2.0", - "configurations": [ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ { - "name": "Debug Main", - "type": "go", - "request": "launch", - "mode": "debug", - "program": "main.go", - "args": ["--config", "auto-discovery-config.yaml"] + "name": "Debug Main", + "type": "go", + "request": "launch", + "mode": "debug", + "program": "main.go", + "args": ["--config", "auto-discovery-config.yaml"] }, - { - "name": "Debug Unit Tests", - "type": "go", - "request": "launch", - "mode": "test", - "program": "${workspaceFolder}/controllers", - "args": ["-test.v"], - //"preLaunchTask": "makefileMagic", - "env": {"KUBEBUILDER_ASSETS": "${workspaceFolder}/testbin/bin"} - } - ] -} \ No newline at end of file + { + "name": "Debug Unit Tests", + "type": "go", + "request": "launch", + "mode": "test", + "program": "${workspaceFolder}/controllers", + "args": ["-test.v"], + //"preLaunchTask": "makefileMagic", + "env": { "KUBEBUILDER_ASSETS": "${workspaceFolder}/testbin/bin" } + } + ] +} diff --git a/auto-discovery/kubernetes/.vscode/tasks.json b/auto-discovery/kubernetes/.vscode/tasks.json index 88be450e63..a40e6880f5 100644 --- a/auto-discovery/kubernetes/.vscode/tasks.json +++ b/auto-discovery/kubernetes/.vscode/tasks.json @@ -1,11 +1,14 @@ { - "version": "2.0.0", - "tasks": [ - { - "label": "makefileMagic", - "command": "bash", - "args": ["-c", "source ${workspaceFolder}/testbin/setup-envtest.sh && fetch_envtest_tools ${workspaceFolder}/testbin && setup_envtest_env ${workspaceFolder}/testbin"], - "type": "shell" - }, -] -} \ No newline at end of file + "version": "2.0.0", + "tasks": [ + { + "label": "makefileMagic", + "command": "bash", + "args": [ + "-c", + "source ${workspaceFolder}/testbin/setup-envtest.sh && fetch_envtest_tools ${workspaceFolder}/testbin && setup_envtest_env ${workspaceFolder}/testbin" + ], + "type": "shell" + } + ] +} diff --git a/auto-discovery/kubernetes/config/crd/kustomization.yaml b/auto-discovery/kubernetes/config/crd/kustomization.yaml index 77c8315e22..c1b2237296 100644 --- a/auto-discovery/kubernetes/config/crd/kustomization.yaml +++ b/auto-discovery/kubernetes/config/crd/kustomization.yaml @@ -6,7 +6,7 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/config.securecodebox.io_autodiscoveryconfigs.yaml + - bases/config.securecodebox.io_autodiscoveryconfigs.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: @@ -22,4 +22,4 @@ patchesStrategicMerge: # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/auto-discovery/kubernetes/config/crd/kustomizeconfig.yaml b/auto-discovery/kubernetes/config/crd/kustomizeconfig.yaml index b30e04dec3..8dd4fc814a 100644 --- a/auto-discovery/kubernetes/config/crd/kustomizeconfig.yaml +++ b/auto-discovery/kubernetes/config/crd/kustomizeconfig.yaml @@ -4,20 +4,20 @@ # This file is for teaching kustomize how to substitute name and namespace reference in CRD nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition + - kind: Service version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false varReference: -- path: metadata/annotations + - path: metadata/annotations diff --git a/auto-discovery/kubernetes/config/default/kustomization.yaml b/auto-discovery/kubernetes/config/default/kustomization.yaml index d8baf204ff..7b2c5bd5cf 100644 --- a/auto-discovery/kubernetes/config/default/kustomization.yaml +++ b/auto-discovery/kubernetes/config/default/kustomization.yaml @@ -17,9 +17,9 @@ namePrefix: auto-discovery- # someName: someValue bases: -- ../crd -- ../rbac -- ../manager + - ../crd + - ../rbac + - ../manager # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml #- ../webhook @@ -29,14 +29,14 @@ bases: #- ../prometheus patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml + # Protect the /metrics endpoint by putting it behind auth. + # If you want your controller-manager to expose the /metrics + # endpoint w/o any authn/z, please comment the following line. + - manager_auth_proxy_patch.yaml -# Mount the controller config file for loading manager configurations -# through a ComponentConfig type -- manager_config_patch.yaml + # Mount the controller config file for loading manager configurations + # through a ComponentConfig type + - manager_config_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml b/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml index 4bfcd6e0a4..1e9dabf955 100644 --- a/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml +++ b/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml @@ -13,13 +13,13 @@ spec: template: spec: containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=10" - ports: - - containerPort: 8443 - name: https + - name: kube-rbac-proxy + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=10" + ports: + - containerPort: 8443 + name: https diff --git a/auto-discovery/kubernetes/config/default/manager_config_patch.yaml b/auto-discovery/kubernetes/config/default/manager_config_patch.yaml index b6a879aa46..5e13c8a0e8 100644 --- a/auto-discovery/kubernetes/config/default/manager_config_patch.yaml +++ b/auto-discovery/kubernetes/config/default/manager_config_patch.yaml @@ -11,14 +11,14 @@ spec: template: spec: containers: - - name: manager - args: - - "--config=controller_manager_config.yaml" - volumeMounts: - - name: manager-config - mountPath: /controller_manager_config.yaml - subPath: controller_manager_config.yaml + - name: manager + args: + - "--config=controller_manager_config.yaml" + volumeMounts: + - name: manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml volumes: - - name: manager-config - configMap: - name: manager-config + - name: manager-config + configMap: + name: manager-config diff --git a/auto-discovery/kubernetes/config/manager/kustomization.yaml b/auto-discovery/kubernetes/config/manager/kustomization.yaml index c2c33660fb..d455579b11 100644 --- a/auto-discovery/kubernetes/config/manager/kustomization.yaml +++ b/auto-discovery/kubernetes/config/manager/kustomization.yaml @@ -3,12 +3,12 @@ # SPDX-License-Identifier: Apache-2.0 resources: -- manager.yaml + - manager.yaml generatorOptions: disableNameSuffixHash: true configMapGenerator: -- name: manager-config - files: - - controller_manager_config.yaml + - name: manager-config + files: + - controller_manager_config.yaml diff --git a/auto-discovery/kubernetes/config/manager/manager.yaml b/auto-discovery/kubernetes/config/manager/manager.yaml index 960479e97c..8ed5badc44 100644 --- a/auto-discovery/kubernetes/config/manager/manager.yaml +++ b/auto-discovery/kubernetes/config/manager/manager.yaml @@ -29,30 +29,30 @@ spec: securityContext: runAsNonRoot: true containers: - - command: - - /manager - image: controller:latest - name: manager - securityContext: - allowPrivilegeEscalation: false - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi + - command: + - /manager + image: controller:latest + name: manager + securityContext: + allowPrivilegeEscalation: false + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/auto-discovery/kubernetes/config/prometheus/kustomization.yaml b/auto-discovery/kubernetes/config/prometheus/kustomization.yaml index aaba225dbd..11af4f65da 100644 --- a/auto-discovery/kubernetes/config/prometheus/kustomization.yaml +++ b/auto-discovery/kubernetes/config/prometheus/kustomization.yaml @@ -3,4 +3,4 @@ # SPDX-License-Identifier: Apache-2.0 resources: -- monitor.yaml + - monitor.yaml diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml index 5b1cbb1598..c206962f74 100644 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml @@ -7,7 +7,7 @@ kind: ClusterRole metadata: name: metrics-reader rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get + - nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml index 5ec88dcca4..fda97db057 100644 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml +++ b/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml @@ -7,15 +7,15 @@ kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml index 1d52aa5c7c..7a3b7242de 100644 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml +++ b/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: proxy-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml index 019cc18dc9..dbb1a72b43 100644 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml +++ b/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml @@ -11,8 +11,8 @@ metadata: namespace: system spec: ports: - - name: https - port: 8443 - targetPort: https + - name: https + port: 8443 + targetPort: https selector: control-plane: controller-manager diff --git a/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_editor_role.yaml b/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_editor_role.yaml index cd341a1201..1f46d96e8c 100644 --- a/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_editor_role.yaml +++ b/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: autodiscoveryconfig-editor-role rules: -- apiGroups: - - config.securecodebox.io - resources: - - autodiscoveryconfigs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.securecodebox.io - resources: - - autodiscoveryconfigs/status - verbs: - - get + - apiGroups: + - config.securecodebox.io + resources: + - autodiscoveryconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.securecodebox.io + resources: + - autodiscoveryconfigs/status + verbs: + - get diff --git a/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_viewer_role.yaml b/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_viewer_role.yaml index d9f473ee3e..0d4dc400ec 100644 --- a/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_viewer_role.yaml +++ b/auto-discovery/kubernetes/config/rbac/autodiscoveryconfig_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: autodiscoveryconfig-viewer-role rules: -- apiGroups: - - config.securecodebox.io - resources: - - autodiscoveryconfigs - verbs: - - get - - list - - watch -- apiGroups: - - config.securecodebox.io - resources: - - autodiscoveryconfigs/status - verbs: - - get + - apiGroups: + - config.securecodebox.io + resources: + - autodiscoveryconfigs + verbs: + - get + - list + - watch + - apiGroups: + - config.securecodebox.io + resources: + - autodiscoveryconfigs/status + verbs: + - get diff --git a/auto-discovery/kubernetes/config/rbac/kustomization.yaml b/auto-discovery/kubernetes/config/rbac/kustomization.yaml index dc31a5d2fb..ce0e1a4157 100644 --- a/auto-discovery/kubernetes/config/rbac/kustomization.yaml +++ b/auto-discovery/kubernetes/config/rbac/kustomization.yaml @@ -3,20 +3,20 @@ # SPDX-License-Identifier: Apache-2.0 resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. -- service_account.yaml -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml + # All RBAC will be applied under this service account in + # the deployment namespace. You may comment out this resource + # if your manager will use a service account that exists at + # runtime. Be sure to update RoleBinding and ClusterRoleBinding + # subjects if changing service account names. + - service_account.yaml + - role.yaml + - role_binding.yaml + - leader_election_role.yaml + - leader_election_role_binding.yaml + # Comment the following 4 lines if you want to disable + # the auth proxy (https://github.com/brancz/kube-rbac-proxy) + # which protects your /metrics endpoint. + - auth_proxy_service.yaml + - auth_proxy_role.yaml + - auth_proxy_role_binding.yaml + - auth_proxy_client_clusterrole.yaml diff --git a/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml b/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml index 6efd65a7d3..35ee462bcc 100644 --- a/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml +++ b/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml @@ -8,34 +8,34 @@ kind: Role metadata: name: leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml b/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml index ddd50b6ca2..87d45b3105 100644 --- a/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml +++ b/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: Role name: leader-election-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/auto-discovery/kubernetes/config/rbac/role_binding.yaml b/auto-discovery/kubernetes/config/rbac/role_binding.yaml index aa7e8255ed..2a3c402cee 100644 --- a/auto-discovery/kubernetes/config/rbac/role_binding.yaml +++ b/auto-discovery/kubernetes/config/rbac/role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: manager-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/auto-discovery/kubernetes/controllers/container_scan_controller_test.go b/auto-discovery/kubernetes/controllers/container_scan_controller_test.go index e7e37633a2..d0dafecead 100644 --- a/auto-discovery/kubernetes/controllers/container_scan_controller_test.go +++ b/auto-discovery/kubernetes/controllers/container_scan_controller_test.go @@ -59,7 +59,7 @@ var _ = Describe("ContainerScan controller", func() { []string{"-p", "default"}, } - It("Should create a single scheduledscan for every container with the same imageID in the deplyoment", func() { + It("Should create a single scheduledscan for every container with the same imageID in the deployment", func() { createNamespace(ctx, namespace) fakeDeployment := map[string]string{"bkimminich/juice-shop": "9342db143db5804dee3e64ff789be6ad8dd94f0491b2f50fa67c78be204081e2", diff --git a/auto-discovery/kubernetes/controllers/service_scan_controller.go b/auto-discovery/kubernetes/controllers/service_scan_controller.go index 1b4bebd48a..ba083bf944 100644 --- a/auto-discovery/kubernetes/controllers/service_scan_controller.go +++ b/auto-discovery/kubernetes/controllers/service_scan_controller.go @@ -155,7 +155,7 @@ func (r *ServiceScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) // service was never scanned log.Info("Discovered new unscanned service, scanning it now", "service", service.Name, "namespace", service.Namespace) - // label is added after the initial query as it was added later and isn't garanteed to be on every auto-discovery managed scan. + // label is added after the initial query as it was added later and isn't guaranteed to be on every auto-discovery managed scan. versionedLabels["app.kubernetes.io/managed-by"] = "securecodebox-autodiscovery" versionedLabels = generateScanLabels(versionedLabels, r.Config.ServiceAutoDiscoveryConfig.ScanConfig, templateArgs) @@ -207,7 +207,7 @@ func (r *ServiceScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) // Service was scanned before, but for a different version log.Info("Previously scanned service was updated. Repeating scan now.", "service", service.Name, "scheduledScan", previousScan.Name, "namespace", service.Namespace) - // label is added after the initial query as it was added later and isn't garanteed to be on every auto-discovery managed scan. + // label is added after the initial query as it was added later and isn't guaranteed to be on every auto-discovery managed scan. versionedLabels["app.kubernetes.io/managed-by"] = "securecodebox-autodiscovery" versionedLabels = generateScanLabels(versionedLabels, r.Config.ServiceAutoDiscoveryConfig.ScanConfig, templateArgs) diff --git a/auto-discovery/kubernetes/demo/install-dependencies.sh b/auto-discovery/kubernetes/demo/install-dependencies.sh index 690965706a..930d0d92ec 100755 --- a/auto-discovery/kubernetes/demo/install-dependencies.sh +++ b/auto-discovery/kubernetes/demo/install-dependencies.sh @@ -5,7 +5,7 @@ kubectl apply -f https://raw.githubusercontent.com/fluxcd/helm-operator/1.2.0/deploy/crds.yaml helm repo add fluxcd https://charts.fluxcd.io helm upgrade -i helm-operator fluxcd/helm-operator \ - --set helm.versions=v3 \ - --version 1.2.0 \ - --namespace helm-operator \ - --create-namespace + --set helm.versions=v3 \ + --version 1.2.0 \ + --namespace helm-operator \ + --create-namespace diff --git a/auto-discovery/kubernetes/templates/rbac/leader_election_role_binding.yaml b/auto-discovery/kubernetes/templates/rbac/leader_election_role_binding.yaml index 12743b2060..1f3d426be6 100644 --- a/auto-discovery/kubernetes/templates/rbac/leader_election_role_binding.yaml +++ b/auto-discovery/kubernetes/templates/rbac/leader_election_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: Role name: auto-discovery-leader-election-role subjects: -- kind: ServiceAccount - name: auto-discovery - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: auto-discovery + namespace: { { .Release.Namespace } } diff --git a/auto-discovery/kubernetes/templates/rbac/role_binding.yaml b/auto-discovery/kubernetes/templates/rbac/role_binding.yaml index 901c93acd8..6378f12736 100644 --- a/auto-discovery/kubernetes/templates/rbac/role_binding.yaml +++ b/auto-discovery/kubernetes/templates/rbac/role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: auto-discovery subjects: -- kind: ServiceAccount - name: auto-discovery - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: auto-discovery + namespace: { { .Release.Namespace } } diff --git a/bin/add-license-header.sh b/bin/add-license-header.sh index 75b613234e..83140d5475 100755 --- a/bin/add-license-header.sh +++ b/bin/add-license-header.sh @@ -35,11 +35,11 @@ else fi for file in $FILES; do - echo "Adding HEADER to file: $file" - docker run --rm --volume $(pwd):/data fsfe/reuse addheader \ - --copyright "iteratec GmbH" \ - --year 2021 \ - --license "Apache-2.0" \ - --skip-unrecognised \ - "$file" + echo "Adding HEADER to file: $file" + docker run --rm --volume $(pwd):/data fsfe/reuse addheader \ + --copyright "iteratec GmbH" \ + --year 2021 \ + --license "Apache-2.0" \ + --skip-unrecognised \ + "$file" done diff --git a/bin/install-minikube.sh b/bin/install-minikube.sh index 49b4b8be76..4588fbcf6b 100755 --- a/bin/install-minikube.sh +++ b/bin/install-minikube.sh @@ -61,11 +61,11 @@ add_apt_key() { add_apt_source() { local src="${1}" local destination="${2}" - echo "${src}" > "/etc/apt/sources.list.d/${destination}.list" + echo "${src}" >"/etc/apt/sources.list.d/${destination}.list" } # Install minikube (https://minikube.sigs.k8s.io/docs/start/) -donwload_and_install_minikube() { +download_and_install_minikube() { curl -sSLo "${MINIKUBE_DEB_PATH}" "https://storage.googleapis.com/minikube/releases/latest/${MINIKUBE_DEB_FILE}" dpkg -i "${MINIKUBE_DEB_PATH}" } @@ -81,7 +81,7 @@ apt-get install -y \ kubectl \ helm -donwload_and_install_minikube +download_and_install_minikube systemctl start docker usermod -a -G docker vagrant diff --git a/bin/install.sh b/bin/install.sh index 6d126d71e1..8dabff9319 100755 --- a/bin/install.sh +++ b/bin/install.sh @@ -28,8 +28,8 @@ COLOR_ERROR="\e[31m" COLOR_RESET="\e[0m" # @see: http://wiki.bash-hackers.org/syntax/shellvars -[ -z "${SCRIPT_DIRECTORY:-}" ] \ - && SCRIPT_DIRECTORY="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" +[ -z "${SCRIPT_DIRECTORY:-}" ] && + SCRIPT_DIRECTORY="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)" BASE_DIR=$(dirname "${SCRIPT_DIRECTORY}") @@ -57,7 +57,8 @@ function print() { function printHelp() { local help - help=$(cat <<- EOT + help=$( + cat <<-EOT $USAGE The installation is interactive if no arguments are provided. @@ -146,8 +147,8 @@ function installResources() { if [[ $unattended == 'true' ]]; then for resource in "${resources[@]}"; do - helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" \ - || print "$COLOR_ERROR" "Installation of '$resource' failed" + helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" || + print "$COLOR_ERROR" "Installation of '$resource' failed" done else @@ -157,8 +158,8 @@ function installResources() { read -r line if [[ $line == *[Yy] ]]; then - helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" \ - || print "$COLOR_ERROR" "Installation of '$resource' failed" + helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" || + print "$COLOR_ERROR" "Installation of '$resource' failed" fi done fi @@ -250,43 +251,43 @@ function unattendedInstall() { function parseArguments() { if [[ $# == 0 ]]; then - INSTALL_INTERACTIVE='true' - return + INSTALL_INTERACTIVE='true' + return fi - while (( "$#" )); do - case "$1" in - --scanners) - INSTALL_SCANNERS='true' - shift # Pop current argument from array - ;; - --demo-targets) - INSTALL_DEMO_TARGETS='true' - shift - ;; - --hooks) - INSTALL_HOOKS='true' - shift - ;; - --all) - INSTALL_SCANNERS='true' - INSTALL_DEMO_TARGETS='true' - INSTALL_HOOKS='true' - shift - ;; - -h|--help) - printHelp - exit - ;; - --*) # unsupported flags - print "Error: Unsupported flag $1" >&2 - print "$USAGE" - exit 1 - ;; - *) # preserve positional arguments - shift - ;; - esac + while (("$#")); do + case "$1" in + --scanners) + INSTALL_SCANNERS='true' + shift # Pop current argument from array + ;; + --demo-targets) + INSTALL_DEMO_TARGETS='true' + shift + ;; + --hooks) + INSTALL_HOOKS='true' + shift + ;; + --all) + INSTALL_SCANNERS='true' + INSTALL_DEMO_TARGETS='true' + INSTALL_HOOKS='true' + shift + ;; + -h | --help) + printHelp + exit + ;; + --*) # unsupported flags + print "Error: Unsupported flag $1" >&2 + print "$USAGE" + exit 1 + ;; + *) # preserve positional arguments + shift + ;; + esac done } @@ -315,7 +316,7 @@ helm repo add secureCodeBox https://charts.securecodebox.io createNamespaceAndInstallOperator if [[ -n "${INSTALL_INTERACTIVE}" ]]; then - interactiveInstall + interactiveInstall else - unattendedInstall + unattendedInstall fi diff --git a/bin/minio-port-forward.sh b/bin/minio-port-forward.sh index 8d68b76fee..792e2d2028 100755 --- a/bin/minio-port-forward.sh +++ b/bin/minio-port-forward.sh @@ -36,25 +36,25 @@ function print() { fi } -if [[ "$#" -eq 2 ]]; then - if [[ $1 = "-p" || $1 = "--port" ]]; then - HOST_PORT=$2 - print "Using host port $HOST_PORT" +if [[ "$#" -eq 2 ]]; then + if [[ $1 = "-p" || $1 = "--port" ]]; then + HOST_PORT=$2 + print "Using host port $HOST_PORT" fi else - print "No port with option -p set. Using default host port 9000" + print "No port with option -p set. Using default host port 9000" fi print "$COLOR_EMPHASIS" "Starting minio instance on localhost:9000..\n" print "Your access key: " -ACCESS_KEY=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' \ -| base64 --decode;) +ACCESS_KEY=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | + base64 --decode) print "$COLOR_EMPHASIS" "$ACCESS_KEY" print "Your secret key: " -SECRET_KEY=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' \ -| base64 --decode;) +SECRET_KEY=$(kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | + base64 --decode) print "$COLOR_EMPHASIS" "$SECRET_KEY" kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio "$HOST_PORT":9000 diff --git a/bin/npm-audit-fix-all.sh b/bin/npm-audit-fix-all.sh index cc7125639e..495156adaf 100755 --- a/bin/npm-audit-fix-all.sh +++ b/bin/npm-audit-fix-all.sh @@ -7,10 +7,10 @@ echo "Running 'npm audit fix' in all directories containing a package-lock.json" find . -type f -name package-lock.json -print0 | while IFS= read -r -d '' chart; do -( + ( dir="$(dirname "${chart}")" cd "${dir}" || exit echo "Running 'npm audit fix' in $dir" npm audit fix -) + ) done diff --git a/bin/npm-check-updates.sh b/bin/npm-check-updates.sh index 1b80a56bca..ef024aacaf 100755 --- a/bin/npm-check-updates.sh +++ b/bin/npm-check-updates.sh @@ -5,10 +5,9 @@ # the `package-lock.json` using `npm i` pkgs=$(find . -type f -name package-lock.json) -for pkg in $pkgs -do - dir=$(dirname $pkg); - cd $dir; - ncu -u -t minor; - npm i; +for pkg in $pkgs; do + dir=$(dirname $pkg) + cd $dir + ncu -u -t minor + npm i done diff --git a/bin/uninstall.sh b/bin/uninstall.sh index 6a9b4b6b9a..1611dffa20 100755 --- a/bin/uninstall.sh +++ b/bin/uninstall.sh @@ -14,8 +14,8 @@ set -eu shopt -s extglob # @see: http://wiki.bash-hackers.org/syntax/shellvars -[ -z "${SCRIPT_DIRECTORY:-}" ] \ - && SCRIPT_DIRECTORY="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" +[ -z "${SCRIPT_DIRECTORY:-}" ] && + SCRIPT_DIRECTORY="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)" BASE_DIR=$(dirname "${SCRIPT_DIRECTORY}") diff --git a/demo-targets/bodgeit/container/docker-compose.yml b/demo-targets/bodgeit/container/docker-compose.yml index 1fd2ea1452..18847da8db 100644 --- a/demo-targets/bodgeit/container/docker-compose.yml +++ b/demo-targets/bodgeit/container/docker-compose.yml @@ -5,7 +5,7 @@ version: "3.8" services: bodgeit: - image: psiinon/bodgeit:latest + image: psiinon/bodgeit:latest ports: - 8080:8080 -# Website will be available under http://localhost:8080/bodgeit \ No newline at end of file +# Website will be available under http://localhost:8080/bodgeit diff --git a/demo-targets/bodgeit/templates/service.yaml b/demo-targets/bodgeit/templates/service.yaml index dcbfc5d7f7..6d75cef260 100644 --- a/demo-targets/bodgeit/templates/service.yaml +++ b/demo-targets/bodgeit/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "bodgeit.fullname" . }} - labels: - {{- include "bodgeit.labels" . | nindent 4 }} - annotations: - {{- include "bodgeit.annotations" . | nindent 4 }} + name: { { include "bodgeit.fullname" . } } + labels: { { - include "bodgeit.labels" . | nindent 4 } } + annotations: { { - include "bodgeit.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "bodgeit.selectorLabels" . | nindent 4 }} + selector: { { - include "bodgeit.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/bodgeit/values.yaml b/demo-targets/bodgeit/values.yaml index 36567e522e..daf5cc1ad0 100644 --- a/demo-targets/bodgeit/values.yaml +++ b/demo-targets/bodgeit/values.yaml @@ -29,10 +29,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -46,7 +48,8 @@ service: ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -57,7 +60,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/dummy-ssh/templates/service.yaml b/demo-targets/dummy-ssh/templates/service.yaml index 19336e926e..a935ef9efa 100644 --- a/demo-targets/dummy-ssh/templates/service.yaml +++ b/demo-targets/dummy-ssh/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "dummy-ssh.fullname" . }} - labels: - {{- include "dummy-ssh.labels" . | nindent 4 }} - annotations: - {{- include "dummy-ssh.annotations" . | nindent 4 }} + name: { { include "dummy-ssh.fullname" . } } + labels: { { - include "dummy-ssh.labels" . | nindent 4 } } + annotations: { { - include "dummy-ssh.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: ssh protocol: TCP name: ssh - selector: - {{- include "dummy-ssh.selectorLabels" . | nindent 4 }} + selector: { { - include "dummy-ssh.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/dummy-ssh/values.yaml b/demo-targets/dummy-ssh/values.yaml index c268bdbefd..bb890b638f 100644 --- a/demo-targets/dummy-ssh/values.yaml +++ b/demo-targets/dummy-ssh/values.yaml @@ -28,10 +28,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -43,7 +45,8 @@ service: type: ClusterIP port: 22 -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/http-webhook/container/docker-compose.yml b/demo-targets/http-webhook/container/docker-compose.yml index 4a96a61928..7ba5b45e2f 100644 --- a/demo-targets/http-webhook/container/docker-compose.yml +++ b/demo-targets/http-webhook/container/docker-compose.yml @@ -5,10 +5,10 @@ version: "3.8" services: my-http-listener: - image: mendhak/http-https-echo:18 - environment: - - HTTP_PORT=8888 - - HTTPS_PORT=9999 - ports: - - "8080:8888" - - "8443:9999" \ No newline at end of file + image: mendhak/http-https-echo:18 + environment: + - HTTP_PORT=8888 + - HTTPS_PORT=9999 + ports: + - "8080:8888" + - "8443:9999" diff --git a/demo-targets/http-webhook/templates/service.yaml b/demo-targets/http-webhook/templates/service.yaml index 03df5fd299..bffaa070b1 100644 --- a/demo-targets/http-webhook/templates/service.yaml +++ b/demo-targets/http-webhook/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "http-webhook.fullname" . }} - labels: - {{- include "http-webhook.labels" . | nindent 4 }} - annotations: - {{- include "http-webhook.annotations" . | nindent 4 }} + name: { { include "http-webhook.fullname" . } } + labels: { { - include "http-webhook.labels" . | nindent 4 } } + annotations: { { - include "http-webhook.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "http-webhook.selectorLabels" . | nindent 4 }} + selector: { { - include "http-webhook.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/http-webhook/values.yaml b/demo-targets/http-webhook/values.yaml index f794410d4d..031426ef75 100644 --- a/demo-targets/http-webhook/values.yaml +++ b/demo-targets/http-webhook/values.yaml @@ -40,10 +40,12 @@ serviceAccount: # -- deprecated. use `labels` instead. Will be removed in v3. todo(@J12934) remove podAnnotations in v3 podAnnotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -57,7 +59,8 @@ service: ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -68,7 +71,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/juice-shop/container/docker-compose.yml b/demo-targets/juice-shop/container/docker-compose.yml index 54eeaa8871..7ffd2a7aac 100644 --- a/demo-targets/juice-shop/container/docker-compose.yml +++ b/demo-targets/juice-shop/container/docker-compose.yml @@ -8,4 +8,4 @@ services: image: bkimminich/juice-shop:v12.8.1 ports: - 3000:3000 -# Website will be available under http://localhost:3000/ +# Website will be available under http://localhost:3000/ diff --git a/demo-targets/juice-shop/templates/service.yaml b/demo-targets/juice-shop/templates/service.yaml index 39f43bda09..95cbe17968 100644 --- a/demo-targets/juice-shop/templates/service.yaml +++ b/demo-targets/juice-shop/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "juice-shop.fullname" . }} - labels: - {{- include "juice-shop.labels" . | nindent 4 }} - annotations: - {{- include "juice-shop.annotations" . | nindent 4 }} + name: { { include "juice-shop.fullname" . } } + labels: { { - include "juice-shop.labels" . | nindent 4 } } + annotations: { { - include "juice-shop.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "juice-shop.selectorLabels" . | nindent 4 }} + selector: { { - include "juice-shop.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/juice-shop/values.yaml b/demo-targets/juice-shop/values.yaml index 160def6f40..3c3fd2239b 100644 --- a/demo-targets/juice-shop/values.yaml +++ b/demo-targets/juice-shop/values.yaml @@ -24,7 +24,8 @@ fullnameOverride: "" # -- add custom environment variables to the juice-shop container # ref: https://pwning.owasp-juice.shop/part1/customization.html -containerEnv: [] +containerEnv: + [] # - name: NODE_ENV # value: bodgeit @@ -47,10 +48,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -64,7 +67,8 @@ service: ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -75,7 +79,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/old-joomla/templates/service.yaml b/demo-targets/old-joomla/templates/service.yaml index ddbebb0aac..d731931492 100644 --- a/demo-targets/old-joomla/templates/service.yaml +++ b/demo-targets/old-joomla/templates/service.yaml @@ -1,15 +1,13 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "old-joomla.fullname" . }} - labels: - {{- include "old-joomla.labels" . | nindent 4 }} + name: { { include "old-joomla.fullname" . } } + labels: { { - include "old-joomla.labels" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "old-joomla.selectorLabels" . | nindent 4 }} + selector: { { - include "old-joomla.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/old-joomla/values.yaml b/demo-targets/old-joomla/values.yaml index 131c42fef6..1417c73428 100644 --- a/demo-targets/old-joomla/values.yaml +++ b/demo-targets/old-joomla/values.yaml @@ -27,10 +27,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -41,10 +43,11 @@ securityContext: {} service: type: ClusterIP port: 80 - + ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -55,7 +58,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/old-typo3/templates/service.yaml b/demo-targets/old-typo3/templates/service.yaml index 31cecafcff..177527b8bb 100644 --- a/demo-targets/old-typo3/templates/service.yaml +++ b/demo-targets/old-typo3/templates/service.yaml @@ -1,15 +1,13 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "old-typo3.fullname" . }} - labels: - {{- include "old-typo3.labels" . | nindent 4 }} + name: { { include "old-typo3.fullname" . } } + labels: { { - include "old-typo3.labels" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "old-typo3.selectorLabels" . | nindent 4 }} + selector: { { - include "old-typo3.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/old-typo3/values.yaml b/demo-targets/old-typo3/values.yaml index a9fd8a4f07..4766177760 100644 --- a/demo-targets/old-typo3/values.yaml +++ b/demo-targets/old-typo3/values.yaml @@ -27,10 +27,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -41,10 +43,11 @@ securityContext: {} service: type: ClusterIP port: 80 - + ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -55,7 +58,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/old-wordpress/templates/service.yaml b/demo-targets/old-wordpress/templates/service.yaml index db43f0a65d..b0a401d0e9 100644 --- a/demo-targets/old-wordpress/templates/service.yaml +++ b/demo-targets/old-wordpress/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "old-wordpress.fullname" . }} - labels: - {{- include "old-wordpress.labels" . | nindent 4 }} - annotations: - {{- include "old-wordpress.annotations" . | nindent 4 }} + name: { { include "old-wordpress.fullname" . } } + labels: { { - include "old-wordpress.labels" . | nindent 4 } } + annotations: { { - include "old-wordpress.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "old-wordpress.selectorLabels" . | nindent 4 }} + selector: { { - include "old-wordpress.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/old-wordpress/values.yaml b/demo-targets/old-wordpress/values.yaml index 34883ecb68..3787bfa7f6 100644 --- a/demo-targets/old-wordpress/values.yaml +++ b/demo-targets/old-wordpress/values.yaml @@ -28,10 +28,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -43,7 +45,8 @@ service: type: ClusterIP port: 80 -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/swagger-petstore/container/docker-compose.yml b/demo-targets/swagger-petstore/container/docker-compose.yml index 6a4c4d9a5d..e32fe55143 100644 --- a/demo-targets/swagger-petstore/container/docker-compose.yml +++ b/demo-targets/swagger-petstore/container/docker-compose.yml @@ -8,4 +8,4 @@ services: image: swaggerapi/petstore3:unstable ports: - 8080:8080 -# Website will be available under http://localhost:8080/ +# Website will be available under http://localhost:8080/ diff --git a/demo-targets/swagger-petstore/templates/service.yaml b/demo-targets/swagger-petstore/templates/service.yaml index d18a4d53e7..856271b420 100644 --- a/demo-targets/swagger-petstore/templates/service.yaml +++ b/demo-targets/swagger-petstore/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "swagger-petstore.fullname" . }} - labels: - {{- include "swagger-petstore.labels" . | nindent 4 }} - annotations: - {{- include "swagger-petstore.annotations" . | nindent 4 }} + name: { { include "swagger-petstore.fullname" . } } + labels: { { - include "swagger-petstore.labels" . | nindent 4 } } + annotations: { { - include "swagger-petstore.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "swagger-petstore.selectorLabels" . | nindent 4 }} + selector: { { - include "swagger-petstore.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/swagger-petstore/values.yaml b/demo-targets/swagger-petstore/values.yaml index 59a9a7c206..a82df8e3c6 100644 --- a/demo-targets/swagger-petstore/values.yaml +++ b/demo-targets/swagger-petstore/values.yaml @@ -32,10 +32,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -49,7 +51,8 @@ service: ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -60,7 +63,8 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/unsafe-https/templates/service.yaml b/demo-targets/unsafe-https/templates/service.yaml index fa08a19c41..f3229f36d3 100644 --- a/demo-targets/unsafe-https/templates/service.yaml +++ b/demo-targets/unsafe-https/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "unsafe-https.fullname" . }} - labels: - {{- include "unsafe-https.labels" . | nindent 4 }} - annotations: - {{- include "unsafe-https.annotations" . | nindent 4 }} + name: { { include "unsafe-https.fullname" . } } + labels: { { - include "unsafe-https.labels" . | nindent 4 } } + annotations: { { - include "unsafe-https.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: https protocol: TCP name: https - selector: - {{- include "unsafe-https.selectorLabels" . | nindent 4 }} + selector: { { - include "unsafe-https.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/unsafe-https/values.yaml b/demo-targets/unsafe-https/values.yaml index 7c957d095a..27789b2dad 100644 --- a/demo-targets/unsafe-https/values.yaml +++ b/demo-targets/unsafe-https/values.yaml @@ -28,10 +28,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -43,7 +45,8 @@ service: type: ClusterIP port: 443 -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/demo-targets/vulnerable-log4j/templates/service.yaml b/demo-targets/vulnerable-log4j/templates/service.yaml index 7b02ebe534..05a0277ef6 100644 --- a/demo-targets/vulnerable-log4j/templates/service.yaml +++ b/demo-targets/vulnerable-log4j/templates/service.yaml @@ -5,17 +5,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "vulnerable-log4j.fullname" . }} - labels: - {{- include "vulnerable-log4j.labels" . | nindent 4 }} - annotations: - {{- include "vulnerable-log4j.annotations" . | nindent 4 }} + name: { { include "vulnerable-log4j.fullname" . } } + labels: { { - include "vulnerable-log4j.labels" . | nindent 4 } } + annotations: { { - include "vulnerable-log4j.annotations" . | nindent 4 } } spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } ports: - - port: {{ .Values.service.port }} + - port: { { .Values.service.port } } targetPort: http protocol: TCP name: http - selector: - {{- include "vulnerable-log4j.selectorLabels" . | nindent 4 }} + selector: { { - include "vulnerable-log4j.selectorLabels" . | nindent 4 } } diff --git a/demo-targets/vulnerable-log4j/values.yaml b/demo-targets/vulnerable-log4j/values.yaml index 8ffae9f70e..7a29eedfc5 100644 --- a/demo-targets/vulnerable-log4j/values.yaml +++ b/demo-targets/vulnerable-log4j/values.yaml @@ -28,10 +28,12 @@ labels: {} # -- add annotations to the deployment, service and pods annotations: {} -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -43,7 +45,8 @@ service: type: ClusterIP port: 8080 -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following diff --git a/hook-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json index cc8c7fda5e..6dc377ad55 100644 --- a/hook-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -14,4 +14,4 @@ "axios": "^0.27.2", "ws": "^8.8.0" } -} \ No newline at end of file +} diff --git a/hooks/cascading-scans/Chart.yaml b/hooks/cascading-scans/Chart.yaml index ddc36b6591..fd26717263 100644 --- a/hooks/cascading-scans/Chart.yaml +++ b/hooks/cascading-scans/Chart.yaml @@ -25,4 +25,3 @@ maintainers: email: secureCodeBox@iteratec.com dependencies: [] - diff --git a/hooks/cascading-scans/hook/scope-limiter.ts b/hooks/cascading-scans/hook/scope-limiter.ts index 25ab2526ac..c5141e2a7a 100644 --- a/hooks/cascading-scans/hook/scope-limiter.ts +++ b/hooks/cascading-scans/hook/scope-limiter.ts @@ -133,7 +133,7 @@ export function isInScope( // Split an existing list by comma return function (text, render) { // We are using a regular expression of the comma delimiter instead of a straight comma because - // NodeJS 14.X only replaces the first occurence when using the latter, and the + // NodeJS 14.X only replaces the first occurrence when using the latter, and the // replaceAll function is only available starting with NodeJS 15. // First replace comma with trailing space in case the list is specified as "entry1, entry2". // Then replace any leftover commas without a space, in case the list format is "entry1,entry2". @@ -238,7 +238,7 @@ function operatorIn({scopeAnnotationValue, findingValues}: Operands): boolean { } /** - * The scope annotation value is considered a comma-seperated list and checks if every finding value is in that list. + * The scope annotation value is considered a comma-separated list and checks if every finding value is in that list. * Matching example: * scopeAnnotationValue: "example.com,subdomain.example.com,other.example.com" * findingValues: ["example.com", "subdomain.example.com"] diff --git a/hooks/cascading-scans/templates/role-binding.yaml b/hooks/cascading-scans/templates/role-binding.yaml index c7db62bff0..60102d8dec 100644 --- a/hooks/cascading-scans/templates/role-binding.yaml +++ b/hooks/cascading-scans/templates/role-binding.yaml @@ -8,7 +8,7 @@ metadata: annotations: description: DeclarativeCombinedScansHooks needs to have the rights to create new scans and the usual patch rules to update the scan status name: cascading-scans - namespace: {{ .Release.Namespace }} + namespace: { { .Release.Namespace } } roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/hooks/cascading-scans/templates/role.yaml b/hooks/cascading-scans/templates/role.yaml index f3a4b5e346..c8f35d0f4f 100644 --- a/hooks/cascading-scans/templates/role.yaml +++ b/hooks/cascading-scans/templates/role.yaml @@ -8,7 +8,7 @@ metadata: annotations: description: DeclarativeCombinedScansHooks needs to have the rights to create new scans and the usual patch rules to update the scan status name: cascading-scans - namespace: {{ .Release.Namespace }} + namespace: { { .Release.Namespace } } rules: - apiGroups: - execution.securecodebox.io diff --git a/hooks/cascading-scans/templates/service-account.yaml b/hooks/cascading-scans/templates/service-account.yaml index eadb22cfe4..c39acb876e 100644 --- a/hooks/cascading-scans/templates/service-account.yaml +++ b/hooks/cascading-scans/templates/service-account.yaml @@ -8,4 +8,4 @@ metadata: annotations: description: DeclarativeCombinedScansHooks needs to have the rights to create new scans and the usual patch rules to update the scan status name: cascading-scans - namespace: {{ .Release.Namespace }} + namespace: { { .Release.Namespace } } diff --git a/hooks/generic-webhook/values.yaml b/hooks/generic-webhook/values.yaml index 48919bb1d7..7161fd6e20 100644 --- a/hooks/generic-webhook/values.yaml +++ b/hooks/generic-webhook/values.yaml @@ -35,7 +35,7 @@ hook: # hook.tolerations -- Optional tolerations settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) tolerations: [] - # hook.authentication -- Optional basic authentication credentials + # hook.authentication -- Optional basic authentication credentials authentication: basic: # -- Link a pre-existing generic secret with `usernameKey` and `passwordKey` key / value pairs @@ -43,4 +43,4 @@ hook: # -- Name of the username key in the `userSecret` secret. Use this if you already have a secret with different key / value pairs usernameKey: username # -- Name of the password key in the `userSecret` secret. Use this if you already have a secret with different key / value pairs - passwordKey: password \ No newline at end of file + passwordKey: password diff --git a/hooks/notification/hook/__testfiles__/trello.json b/hooks/notification/hook/__testfiles__/trello.json index a4a79d329b..21d10ae6bc 100644 --- a/hooks/notification/hook/__testfiles__/trello.json +++ b/hooks/notification/hook/__testfiles__/trello.json @@ -1,9 +1,9 @@ { - "key": "my_trello__key", - "token": "my_trello_token", - "idList": "109a221b30b4f8a5a4b679a7", - "name": "Test", - "desc": "TestRawData", - "pos": "top", - "idLabels": "11178a222bf5333c6e444804,1113f2222c3233308d444fc1" -} \ No newline at end of file + "key": "my_trello__key", + "token": "my_trello_token", + "idList": "109a221b30b4f8a5a4b679a7", + "name": "Test", + "desc": "TestRawData", + "pos": "top", + "idLabels": "11178a222bf5333c6e444804,1113f2222c3233308d444fc1" +} diff --git a/hooks/notification/hook/package.json b/hooks/notification/hook/package.json index a680b32a7d..0d22e4f7af 100644 --- a/hooks/notification/hook/package.json +++ b/hooks/notification/hook/package.json @@ -42,4 +42,4 @@ "nunjucks": "^3.2.3", "typescript": "^4.3.5" } -} \ No newline at end of file +} diff --git a/hooks/notification/templates/configmap.yaml b/hooks/notification/templates/configmap.yaml index 878e28b442..226a413f3f 100644 --- a/hooks/notification/templates/configmap.yaml +++ b/hooks/notification/templates/configmap.yaml @@ -7,8 +7,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: "{{ .Release.Name }}-config" - labels: - {{- include "notification-hook.labels" . | nindent 4 }} + labels: { { - include "notification-hook.labels" . | nindent 4 } } data: notification-channel.yaml: | - {{ .Values.notificationChannels | toYaml | nindent 4 }} \ No newline at end of file + {{ .Values.notificationChannels | toYaml | nindent 4 }} diff --git a/hooks/notification/values.yaml b/hooks/notification/values.yaml index 27d51fcf78..e97050942c 100644 --- a/hooks/notification/values.yaml +++ b/hooks/notification/values.yaml @@ -34,7 +34,6 @@ hook: # hook.tolerations -- Optional tolerations settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) tolerations: [] - notificationChannels: - name: slack type: slack diff --git a/hooks/persistence-azure-monitor/Chart.yaml b/hooks/persistence-azure-monitor/Chart.yaml index 5831e83958..57fc13c31d 100644 --- a/hooks/persistence-azure-monitor/Chart.yaml +++ b/hooks/persistence-azure-monitor/Chart.yaml @@ -26,4 +26,4 @@ maintainers: - name: iteratec GmbH email: secureCodeBox@iteratec.com -dependencies: [] \ No newline at end of file +dependencies: [] diff --git a/hooks/persistence-azure-monitor/hook/hook.js b/hooks/persistence-azure-monitor/hook/hook.js index 91f8fbd5cd..2efae2c212 100644 --- a/hooks/persistence-azure-monitor/hook/hook.js +++ b/hooks/persistence-azure-monitor/hook/hook.js @@ -101,7 +101,7 @@ async function handle({ } const { Error: errorCode, Message: errorMsg } = response.json(); console.error( - `An error occured. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}` + `An error occurred. Status Code: ${response.status}, status text: ${response.statusText}, Error: ${errorCode}, ErrorMsg: ${errorMsg}` ); } ); diff --git a/hooks/persistence-azure-monitor/hook/package-lock.json b/hooks/persistence-azure-monitor/hook/package-lock.json index 26008f72ee..b1589cd8cd 100644 --- a/hooks/persistence-azure-monitor/hook/package-lock.json +++ b/hooks/persistence-azure-monitor/hook/package-lock.json @@ -1,7045 +1,7045 @@ { - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "license": "Apache-2.0", - "dependencies": { - "node-fetch": "2.6" - }, - "devDependencies": { - "jest": "^27.0.6" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz", - "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==", - "dev": true, - "dependencies": { - "@babel/highlight": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/compat-data": { - "version": "7.16.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.16.4.tgz", - "integrity": "sha512-1o/jo7D+kC9ZjHX5v+EHrdjl3PhxMrLSOTGsOdHJ+KL8HCaEK6ehrVL2RS6oHDZp+L7xLirLrPmQtEng769J/Q==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.16.7.tgz", - "integrity": "sha512-aeLaqcqThRNZYmbMqtulsetOQZ/5gbR/dWruUCJcpas4Qoyy+QeagfDsPdMrqwsPRDNxJvBlRiZxxX7THO7qtA==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.16.7", - "@babel/generator": "^7.16.7", - "@babel/helper-compilation-targets": "^7.16.7", - "@babel/helper-module-transforms": "^7.16.7", - "@babel/helpers": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/core/node_modules/source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/@babel/generator": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.16.7.tgz", - "integrity": "sha512-/ST3Sg8MLGY5HVYmrjOgL60ENux/HfO/CsUh7y4MalThufhE/Ff/6EibFDHi4jiDCaWfJKoqbE6oTh21c5hrRg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7", - "jsesc": "^2.5.1", - "source-map": "^0.5.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/generator/node_modules/source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/@babel/helper-compilation-targets": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.16.7.tgz", - "integrity": "sha512-mGojBwIWcwGD6rfqgRXVlVYmPAv7eOpIemUG3dGnDdCY4Pae70ROij3XmfrH6Fa1h1aiDylpglbZyktfzyo/hA==", - "dev": true, - "dependencies": { - "@babel/compat-data": "^7.16.4", - "@babel/helper-validator-option": "^7.16.7", - "browserslist": "^4.17.5", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/@babel/helper-environment-visitor": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz", - "integrity": "sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz", - "integrity": "sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA==", - "dev": true, - "dependencies": { - "@babel/helper-get-function-arity": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-get-function-arity": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz", - "integrity": "sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-hoist-variables": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz", - "integrity": "sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz", - "integrity": "sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.16.7.tgz", - "integrity": "sha512-gaqtLDxJEFCeQbYp9aLAefjhkKdjKcdh6DB7jniIGU3Pz52WAmP268zK0VgPz9hUNkMSYeH976K2/Y6yPadpng==", - "dev": true, - "dependencies": { - "@babel/helper-environment-visitor": "^7.16.7", - "@babel/helper-module-imports": "^7.16.7", - "@babel/helper-simple-access": "^7.16.7", - "@babel/helper-split-export-declaration": "^7.16.7", - "@babel/helper-validator-identifier": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.16.7.tgz", - "integrity": "sha512-Qg3Nk7ZxpgMrsox6HreY1ZNKdBq7K72tDSliA6dCl5f007jR4ne8iD5UzuNnCJH2xBf2BEEVGr+/OL6Gdp7RxA==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.16.7.tgz", - "integrity": "sha512-ZIzHVyoeLMvXMN/vok/a4LWRy8G2v205mNP0XOuf9XRLyX5/u9CnVulUtDgUTama3lT+bf/UqucuZjqiGuTS1g==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz", - "integrity": "sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw==", - "dev": true, - "dependencies": { - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz", - "integrity": "sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helper-validator-option": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.16.7.tgz", - "integrity": "sha512-TRtenOuRUVo9oIQGPC5G9DgK4743cdxvtOw0weQNpZXaS16SCBi5MNjZF8vba3ETURjZpTbVn7Vvcf2eAwFozQ==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/helpers": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.16.7.tgz", - "integrity": "sha512-9ZDoqtfY7AuEOt3cxchfii6C7GDyyMBffktR5B2jvWv8u2+efwvpnVKXMWzNehqy68tKgAfSwfdw/lWpthS2bw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.7.tgz", - "integrity": "sha512-aKpPMfLvGO3Q97V0qhw/V2SWNWlwfJknuwAunU7wZLSfrM4xTBvg7E5opUVi1kJTBKihE38CPg4nBiqX83PWYw==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.16.7", - "chalk": "^2.0.0", - "js-tokens": "^4.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/highlight/node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/@babel/highlight/node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "node_modules/@babel/highlight/node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@babel/highlight/node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/highlight/node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@babel/parser": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.16.7.tgz", - "integrity": "sha512-sR4eaSrnM7BV7QPzGfEX5paG/6wrZM3I0HDzfIAK06ESvo9oy3xBuVBxE3MbQaKNhvg8g/ixjMWo2CGpzpHsDA==", - "dev": true, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.12.13" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.14.5" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.16.7.tgz", - "integrity": "sha512-YhUIJHHGkqPgEcMYkPCKTyGUdoGKWtopIycQyjJH8OjvRgOYsXsaKehLVPScKJWAULPxMa4N1vCe6szREFlZ7A==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0-0" - } - }, - "node_modules/@babel/template": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz", - "integrity": "sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/types": "^7.16.7" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.7.tgz", - "integrity": "sha512-8KWJPIb8c2VvY8AJrydh6+fVRo2ODx1wYBU2398xJVq0JomuLBZmVQzLPBblJgHIGYG4znCpUZUZ0Pt2vdmVYQ==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.16.7", - "@babel/generator": "^7.16.7", - "@babel/helper-environment-visitor": "^7.16.7", - "@babel/helper-function-name": "^7.16.7", - "@babel/helper-hoist-variables": "^7.16.7", - "@babel/helper-split-export-declaration": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/types": "^7.16.7", - "debug": "^4.1.0", - "globals": "^11.1.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/types": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.16.7.tgz", - "integrity": "sha512-E8HuV7FO9qLpx6OtoGfUQ2cjIYnbFwvZWYBS+87EwtdMvmUPJSwykpovFB+8insbpF0uJcpr8KMUi64XZntZcg==", - "dev": true, - "dependencies": { - "@babel/helper-validator-identifier": "^7.16.7", - "to-fast-properties": "^2.0.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "node_modules/@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "dependencies": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/@jest/console": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-27.4.2.tgz", - "integrity": "sha512-xknHThRsPB/To1FUbi6pCe43y58qFC03zfb6R7fDb/FfC7k2R3i1l+izRBJf8DI46KhYGRaF14Eo9A3qbBoixg==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^27.4.2", - "jest-util": "^27.4.2", - "slash": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/core": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-27.4.5.tgz", - "integrity": "sha512-3tm/Pevmi8bDsgvo73nX8p/WPng6KWlCyScW10FPEoN1HU4pwI83tJ3TsFvi1FfzsjwUlMNEPowgb/rPau/LTQ==", - "dev": true, - "dependencies": { - "@jest/console": "^27.4.2", - "@jest/reporters": "^27.4.5", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.8.1", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-changed-files": "^27.4.2", - "jest-config": "^27.4.5", - "jest-haste-map": "^27.4.5", - "jest-message-util": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-resolve-dependencies": "^27.4.5", - "jest-runner": "^27.4.5", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "jest-watcher": "^27.4.2", - "micromatch": "^4.0.4", - "rimraf": "^3.0.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/environment": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-27.4.4.tgz", - "integrity": "sha512-q+niMx7cJgt/t/b6dzLOh4W8Ef/8VyKG7hxASK39jakijJzbFBGpptx3RXz13FFV7OishQ9lTbv+dQ5K3EhfDQ==", - "dev": true, - "dependencies": { - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/fake-timers": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-27.4.2.tgz", - "integrity": "sha512-f/Xpzn5YQk5adtqBgvw1V6bF8Nx3hY0OIRRpCvWcfPl0EAjdqWPdhH3t/3XpiWZqtjIEHDyMKP9ajpva1l4Zmg==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "@sinonjs/fake-timers": "^8.0.1", - "@types/node": "*", - "jest-message-util": "^27.4.2", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/globals": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-27.4.4.tgz", - "integrity": "sha512-bqpqQhW30BOreXM8bA8t8JbOQzsq/WnPTnBl+It3UxAD9J8yxEAaBEylHx1dtBapAr/UBk8GidXbzmqnee8tYQ==", - "dev": true, - "dependencies": { - "@jest/environment": "^27.4.4", - "@jest/types": "^27.4.2", - "expect": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/reporters": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-27.4.5.tgz", - "integrity": "sha512-3orsG4vi8zXuBqEoy2LbnC1kuvkg1KQUgqNxmxpQgIOQEPeV0onvZu+qDQnEoX8qTQErtqn/xzcnbpeTuOLSiA==", - "dev": true, - "dependencies": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^27.4.2", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.2", - "graceful-fs": "^4.2.4", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^4.0.3", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.0.2", - "jest-haste-map": "^27.4.5", - "jest-resolve": "^27.4.5", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "slash": "^3.0.0", - "source-map": "^0.6.0", - "string-length": "^4.0.1", - "terminal-link": "^2.0.0", - "v8-to-istanbul": "^8.1.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/@jest/source-map": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-27.4.0.tgz", - "integrity": "sha512-Ntjx9jzP26Bvhbm93z/AKcPRj/9wrkI88/gK60glXDx1q+IeI0rf7Lw2c89Ch6ofonB0On/iRDreQuQ6te9pgQ==", - "dev": true, - "dependencies": { - "callsites": "^3.0.0", - "graceful-fs": "^4.2.4", - "source-map": "^0.6.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/test-result": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-27.4.2.tgz", - "integrity": "sha512-kr+bCrra9jfTgxHXHa2UwoQjxvQk3Am6QbpAiJ5x/50LW8llOYrxILkqY0lZRW/hu8FXesnudbql263+EW9iNA==", - "dev": true, - "dependencies": { - "@jest/console": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/test-sequencer": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-27.4.5.tgz", - "integrity": "sha512-n5woIn/1v+FT+9hniymHPARA9upYUmfi5Pw9ewVwXCDlK4F5/Gkees9v8vdjGdAIJ2MPHLHodiajLpZZanWzEQ==", - "dev": true, - "dependencies": { - "@jest/test-result": "^27.4.2", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-runtime": "^27.4.5" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/transform": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-27.4.5.tgz", - "integrity": "sha512-PuMet2UlZtlGzwc6L+aZmR3I7CEBpqadO03pU40l2RNY2fFJ191b9/ITB44LNOhVtsyykx0OZvj0PCyuLm7Eew==", - "dev": true, - "dependencies": { - "@babel/core": "^7.1.0", - "@jest/types": "^27.4.2", - "babel-plugin-istanbul": "^6.0.0", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-regex-util": "^27.4.0", - "jest-util": "^27.4.2", - "micromatch": "^4.0.4", - "pirates": "^4.0.1", - "slash": "^3.0.0", - "source-map": "^0.6.1", - "write-file-atomic": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@jest/types": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-27.4.2.tgz", - "integrity": "sha512-j35yw0PMTPpZsUoOBiuHzr1zTYoad1cVIE0ajEjcrJONxxrko/IRGKkXx3os0Nsi4Hu3+5VmDbVfq5WhG/pWAg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^16.0.0", - "chalk": "^4.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/@sinonjs/commons": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz", - "integrity": "sha512-xkNcLAn/wZaX14RPlwizcKicDk9G3F8m2nU3L7Ukm5zBgTwiT0wsoFAHx9Jq56fJA1z/7uKGtCRu16sOUCLIHQ==", - "dev": true, - "dependencies": { - "type-detect": "4.0.8" - } - }, - "node_modules/@sinonjs/fake-timers": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-8.1.0.tgz", - "integrity": "sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==", - "dev": true, - "dependencies": { - "@sinonjs/commons": "^1.7.0" - } - }, - "node_modules/@tootallnate/once": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-1.1.2.tgz", - "integrity": "sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/@types/babel__core": { - "version": "7.1.18", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.18.tgz", - "integrity": "sha512-S7unDjm/C7z2A2R9NzfKCK1I+BAALDtxEmsJBwlB3EzNfb929ykjL++1CK9LO++EIp2fQrC8O+BwjKvz6UeDyQ==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "node_modules/@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "dependencies": { - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "dependencies": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "node_modules/@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", - "dev": true, - "dependencies": { - "@babel/types": "^7.3.0" - } - }, - "node_modules/@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", - "dev": true, - "dependencies": { - "@types/node": "*" - } - }, - "node_modules/@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "node_modules/@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "*" - } - }, - "node_modules/@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-report": "*" - } - }, - "node_modules/@types/node": { - "version": "17.0.7", - "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.7.tgz", - "integrity": "sha512-1QUk+WAUD4t8iR+Oj+UgI8oJa6yyxaB8a8pHaC8uqM6RrS1qbL7bf3Pwl5rHv0psm2CuDErgho6v5N+G+5fwtQ==", - "dev": true - }, - "node_modules/@types/prettier": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.2.tgz", - "integrity": "sha512-ekoj4qOQYp7CvjX8ZDBgN86w3MqQhLE1hczEJbEIjgFEumDy+na/4AJAbLXfgEWFNB2pKadM5rPFtuSGMWK7xA==", - "dev": true - }, - "node_modules/@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "node_modules/@types/yargs": { - "version": "16.0.4", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-16.0.4.tgz", - "integrity": "sha512-T8Yc9wt/5LbJyCaLiHPReJa0kApcIgJ7Bn735GjItUfh08Z1pJvu8QZqb9s+mMvKV6WUQRV7K2R46YbjMXTTJw==", - "dev": true, - "dependencies": { - "@types/yargs-parser": "*" - } - }, - "node_modules/@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "node_modules/abab": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.5.tgz", - "integrity": "sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q==", - "dev": true - }, - "node_modules/acorn": { - "version": "8.7.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.7.0.tgz", - "integrity": "sha512-V/LGr1APy+PXIwKebEWrkZPwoeoF+w1jiOBUmuxuiUIaOHtob8Qc9BTrYo7VuI5fR8tqsy+buA2WFooR5olqvQ==", - "dev": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-globals": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-6.0.0.tgz", - "integrity": "sha512-ZQl7LOWaF5ePqqcX4hLuv/bLXYQNfNWw2c0/yX/TsPRKamzHcTGQnlCjHT3TsmkOUVEPS3crCxiPfdzE/Trlhg==", - "dev": true, - "dependencies": { - "acorn": "^7.1.1", - "acorn-walk": "^7.1.1" - } - }, - "node_modules/acorn-globals/node_modules/acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/acorn-walk": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-7.2.0.tgz", - "integrity": "sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==", - "dev": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/agent-base": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", - "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", - "dev": true, - "dependencies": { - "debug": "4" - }, - "engines": { - "node": ">= 6.0.0" - } - }, - "node_modules/ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "dependencies": { - "type-fest": "^0.21.3" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", - "dev": true, - "dependencies": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "node_modules/babel-jest": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.4.5.tgz", - "integrity": "sha512-3uuUTjXbgtODmSv/DXO9nZfD52IyC2OYTFaXGRzL0kpykzroaquCrD5+lZNafTvZlnNqZHt5pb0M08qVBZnsnA==", - "dev": true, - "dependencies": { - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.0.0", - "babel-preset-jest": "^27.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "slash": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.8.0" - } - }, - "node_modules/babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "dependencies": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.1.0.tgz", - "integrity": "sha512-czwUz525rkOFDJxfKK6mYfIs9zBKILyrZQxjz3ABhjQXhbhFsSbo1HW/BFcsDnfJYJWA6thRR5/TUY2qs5W99Q==", - "dev": true, - "dependencies": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-jest-hoist": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-27.4.0.tgz", - "integrity": "sha512-Jcu7qS4OX5kTWBc45Hz7BMmgXuJqRnhatqpUhnzGC3OBYpOmf2tv6jFNwZpwM7wU7MUuv2r9IPS/ZlYOuburVw==", - "dev": true, - "dependencies": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.0.0", - "@types/babel__traverse": "^7.0.6" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "dependencies": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/babel-preset-jest": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-27.4.0.tgz", - "integrity": "sha512-NK4jGYpnBvNxcGo7/ZpZJr51jCGT+3bwwpVIDY2oNfTxJJldRtB4VAcYdgp1loDE50ODuTu+yBjpMAswv5tlpg==", - "dev": true, - "dependencies": { - "babel-plugin-jest-hoist": "^27.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "@babel/core": "^7.0.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "dependencies": { - "fill-range": "^7.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/browser-process-hrtime": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", - "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", - "dev": true - }, - "node_modules/browserslist": { - "version": "4.19.1", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.19.1.tgz", - "integrity": "sha512-u2tbbG5PdKRTUoctO3NBD8FQ5HdPh1ZXPHzp1rwaa5jTc+RV9/+RlWiAIKmjRPQF+xbGM9Kklj5bZQFa2s/38A==", - "dev": true, - "dependencies": { - "caniuse-lite": "^1.0.30001286", - "electron-to-chromium": "^1.4.17", - "escalade": "^3.1.1", - "node-releases": "^2.0.1", - "picocolors": "^1.0.0" - }, - "bin": { - "browserslist": "cli.js" - }, - "engines": { - "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - } - }, - "node_modules/bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "dependencies": { - "node-int64": "^0.4.0" - } - }, - "node_modules/buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/caniuse-lite": { - "version": "1.0.30001296", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001296.tgz", - "integrity": "sha512-WfrtPEoNSoeATDlf4y3QvkwiELl9GyPLISV5GejTbbQRtQx4LhsXmc9IQ6XCL2d7UxCyEzToEZNMeqR79OUw8Q==", - "dev": true, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/browserslist" - } - }, - "node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "node_modules/cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "node_modules/cliui": { - "version": "7.0.4", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", - "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", - "dev": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0", - "wrap-ansi": "^7.0.0" - } - }, - "node_modules/co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", - "dev": true, - "engines": { - "iojs": ">= 1.0.0", - "node": ">= 0.12.0" - } - }, - "node_modules/collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "node_modules/convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", - "dev": true, - "dependencies": { - "safe-buffer": "~5.1.1" - } - }, - "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/cssom": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", - "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", - "dev": true - }, - "node_modules/cssstyle": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", - "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", - "dev": true, - "dependencies": { - "cssom": "~0.3.6" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/cssstyle/node_modules/cssom": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", - "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", - "dev": true - }, - "node_modules/data-urls": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-2.0.0.tgz", - "integrity": "sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==", - "dev": true, - "dependencies": { - "abab": "^2.0.3", - "whatwg-mimetype": "^2.3.0", - "whatwg-url": "^8.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/debug": { - "version": "4.3.3", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz", - "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==", - "dev": true, - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/decimal.js": { - "version": "10.3.1", - "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.3.1.tgz", - "integrity": "sha512-V0pfhfr8suzyPGOx3nmq4aHqabehUZn6Ch9kyFpV79TGDTWFmHqUqXdabR7QHqxzrYolF4+tVmJhUG4OURg5dQ==", - "dev": true - }, - "node_modules/dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw=", - "dev": true - }, - "node_modules/deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true - }, - "node_modules/deepmerge": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", - "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/diff-sequences": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-27.4.0.tgz", - "integrity": "sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==", - "dev": true, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/domexception": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/domexception/-/domexception-2.0.1.tgz", - "integrity": "sha512-yxJ2mFy/sibVQlu5qHjOkf9J3K6zgmCxgJ94u2EdvDOV09H+32LtRswEcUsmUWN72pVLOEnTSRaIVVzVQgS0dg==", - "dev": true, - "dependencies": { - "webidl-conversions": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/domexception/node_modules/webidl-conversions": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-5.0.0.tgz", - "integrity": "sha512-VlZwKPCkYKxQgeSbH5EyngOmRp7Ww7I9rQLERETtf5ofd9pGeswWiOtogpEO850jziPRarreGxn5QIiTqpb2wA==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/electron-to-chromium": { - "version": "1.4.33", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.33.tgz", - "integrity": "sha512-OVK1Ad3pHnmuXPhEfq85X8vUKr1UPNHryBnbKnyLcAfh8dPwoFjoDhDlP5KpPJIiymvSucZs48UBrE1250IxOw==", - "dev": true - }, - "node_modules/emittery": { - "version": "0.8.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.8.1.tgz", - "integrity": "sha512-uDfvUjVrfGJJhymx/kz6prltenw1u7WrCg1oa94zYY8xxVpLLUu045LAT0dhDZdXG58/EpPL/5kA180fQ/qudg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/emittery?sponsor=1" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "node_modules/escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/escodegen": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.0.0.tgz", - "integrity": "sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw==", - "dev": true, - "dependencies": { - "esprima": "^4.0.1", - "estraverse": "^5.2.0", - "esutils": "^2.0.2", - "optionator": "^0.8.1" - }, - "bin": { - "escodegen": "bin/escodegen.js", - "esgenerate": "bin/esgenerate.js" - }, - "engines": { - "node": ">=6.0" - }, - "optionalDependencies": { - "source-map": "~0.6.1" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "dependencies": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sindresorhus/execa?sponsor=1" - } - }, - "node_modules/exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/expect": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/expect/-/expect-27.4.2.tgz", - "integrity": "sha512-BjAXIDC6ZOW+WBFNg96J22D27Nq5ohn+oGcuP2rtOtcjuxNoV9McpQ60PcQWhdFOSBIQdR72e+4HdnbZTFSTyg==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "ansi-styles": "^5.0.0", - "jest-get-type": "^27.4.0", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-regex-util": "^27.4.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/expect/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "node_modules/fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true - }, - "node_modules/fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "dependencies": { - "bser": "2.1.1" - } - }, - "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "dependencies": { - "to-regex-range": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "dependencies": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/form-data": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", - "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", - "dev": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/glob": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", - "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", - "dev": true, - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.8.tgz", - "integrity": "sha512-qkIilPUYcNhJpd33n0GBXTB1MMPp14TxEsEs0pTrsSVucApsYzW5V+Q8Qxhik6KU3evy+qkAAowTByymK0avdg==", - "dev": true - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/html-encoding-sniffer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz", - "integrity": "sha512-D5JbOMBIR/TVZkubHT+OyT2705QvogUW4IBn6nHd756OwieSF9aDYFj4dv6HHEVGYbHaLETa3WggZYWWMyy3ZQ==", - "dev": true, - "dependencies": { - "whatwg-encoding": "^1.0.5" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "node_modules/http-proxy-agent": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz", - "integrity": "sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==", - "dev": true, - "dependencies": { - "@tootallnate/once": "1", - "agent-base": "6", - "debug": "4" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/https-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", - "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", - "dev": true, - "dependencies": { - "agent-base": "6", - "debug": "4" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true, - "engines": { - "node": ">=10.17.0" - } - }, - "node_modules/iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", - "dev": true, - "dependencies": { - "safer-buffer": ">= 2.1.2 < 3" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/import-local": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz", - "integrity": "sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA==", - "dev": true, - "dependencies": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - }, - "bin": { - "import-local-fixture": "fixtures/cli.js" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true, - "engines": { - "node": ">=0.8.19" - } - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "node_modules/is-core-module": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", - "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", - "dev": true, - "dependencies": { - "has": "^1.0.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/is-potential-custom-element-name": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz", - "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==", - "dev": true - }, - "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true - }, - "node_modules/istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-instrument": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", - "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.7.5", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.0.0", - "semver": "^6.3.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "dependencies": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "dependencies": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/istanbul-reports": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.3.tgz", - "integrity": "sha512-x9LtDVtfm/t1GFiLl3NffC7hz+I1ragvgX1P/Lg1NlIagifZDKUkuuaAxH/qpwj2IuEfD8G2Bs/UKp+sZ/pKkg==", - "dev": true, - "dependencies": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jest": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest/-/jest-27.4.5.tgz", - "integrity": "sha512-uT5MiVN3Jppt314kidCk47MYIRilJjA/l2mxwiuzzxGUeJIvA8/pDaJOAX5KWvjAo7SCydcW0/4WEtgbLMiJkg==", - "dev": true, - "dependencies": { - "@jest/core": "^27.4.5", - "import-local": "^3.0.2", - "jest-cli": "^27.4.5" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-changed-files": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-27.4.2.tgz", - "integrity": "sha512-/9x8MjekuzUQoPjDHbBiXbNEBauhrPU2ct7m8TfCg69ywt1y/N+yYwGh3gCpnqUS3klYWDU/lSNgv+JhoD2k1A==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "execa": "^5.0.0", - "throat": "^6.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-circus": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-27.4.5.tgz", - "integrity": "sha512-eTNWa9wsvBwPykhMMShheafbwyakcdHZaEYh5iRrQ0PFJxkDP/e3U/FvzGuKWu2WpwUA3C3hPlfpuzvOdTVqnw==", - "dev": true, - "dependencies": { - "@jest/environment": "^27.4.4", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "expect": "^27.4.2", - "is-generator-fn": "^2.0.0", - "jest-each": "^27.4.2", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2", - "slash": "^3.0.0", - "stack-utils": "^2.0.3", - "throat": "^6.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-cli": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-27.4.5.tgz", - "integrity": "sha512-hrky3DSgE0u7sQxaCL7bdebEPHx5QzYmrGuUjaPLmPE8jx5adtvGuOlRspvMoVLTTDOHRnZDoRLYJuA+VCI7Hg==", - "dev": true, - "dependencies": { - "@jest/core": "^27.4.5", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "import-local": "^3.0.2", - "jest-config": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "prompts": "^2.0.1", - "yargs": "^16.2.0" - }, - "bin": { - "jest": "bin/jest.js" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" - }, - "peerDependenciesMeta": { - "node-notifier": { - "optional": true - } - } - }, - "node_modules/jest-config": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-27.4.5.tgz", - "integrity": "sha512-t+STVJtPt+fpqQ8GBw850NtSQbnDOw/UzdPfzDaHQ48/AylQlW7LHj3dH+ndxhC1UxJ0Q3qkq7IH+nM1skwTwA==", - "dev": true, - "dependencies": { - "@babel/core": "^7.1.0", - "@jest/test-sequencer": "^27.4.5", - "@jest/types": "^27.4.2", - "babel-jest": "^27.4.5", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.1", - "graceful-fs": "^4.2.4", - "jest-circus": "^27.4.5", - "jest-environment-jsdom": "^27.4.4", - "jest-environment-node": "^27.4.4", - "jest-get-type": "^27.4.0", - "jest-jasmine2": "^27.4.5", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-runner": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "micromatch": "^4.0.4", - "pretty-format": "^27.4.2", - "slash": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "peerDependencies": { - "ts-node": ">=9.0.0" - }, - "peerDependenciesMeta": { - "ts-node": { - "optional": true - } - } - }, - "node_modules/jest-diff": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-27.4.2.tgz", - "integrity": "sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "diff-sequences": "^27.4.0", - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-docblock": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-27.4.0.tgz", - "integrity": "sha512-7TBazUdCKGV7svZ+gh7C8esAnweJoG+SvcF6Cjqj4l17zA2q1cMwx2JObSioubk317H+cjcHgP+7fTs60paulg==", - "dev": true, - "dependencies": { - "detect-newline": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-each": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-27.4.2.tgz", - "integrity": "sha512-53V2MNyW28CTruB3lXaHNk6PkiIFuzdOC9gR3C6j8YE/ACfrPnz+slB0s17AgU1TtxNzLuHyvNlLJ+8QYw9nBg==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "jest-get-type": "^27.4.0", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-environment-jsdom": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-27.4.4.tgz", - "integrity": "sha512-cYR3ndNfHBqQgFvS1RL7dNqSvD//K56j/q1s2ygNHcfTCAp12zfIromO1w3COmXrxS8hWAh7+CmZmGCIoqGcGA==", - "dev": true, - "dependencies": { - "@jest/environment": "^27.4.4", - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2", - "jsdom": "^16.6.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-environment-node": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-27.4.4.tgz", - "integrity": "sha512-D+v3lbJ2GjQTQR23TK0kY3vFVmSeea05giInI41HHOaJnAwOnmUHTZgUaZL+VxUB43pIzoa7PMwWtCVlIUoVoA==", - "dev": true, - "dependencies": { - "@jest/environment": "^27.4.4", - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-get-type": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-27.4.0.tgz", - "integrity": "sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==", - "dev": true, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-haste-map": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-27.4.5.tgz", - "integrity": "sha512-oJm1b5qhhPs78K24EDGifWS0dELYxnoBiDhatT/FThgB9yxqUm5F6li3Pv+Q+apMBmmPNzOBnZ7ZxWMB1Leq1Q==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "@types/graceful-fs": "^4.1.2", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "graceful-fs": "^4.2.4", - "jest-regex-util": "^27.4.0", - "jest-serializer": "^27.4.0", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "micromatch": "^4.0.4", - "walker": "^1.0.7" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - }, - "optionalDependencies": { - "fsevents": "^2.3.2" - } - }, - "node_modules/jest-jasmine2": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-27.4.5.tgz", - "integrity": "sha512-oUnvwhJDj2LhOiUB1kdnJjkx8C5PwgUZQb9urF77mELH9DGR4e2GqpWQKBOYXWs5+uTN9BGDqRz3Aeg5Wts7aw==", - "dev": true, - "dependencies": { - "@babel/traverse": "^7.1.0", - "@jest/environment": "^27.4.4", - "@jest/source-map": "^27.4.0", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "expect": "^27.4.2", - "is-generator-fn": "^2.0.0", - "jest-each": "^27.4.2", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2", - "throat": "^6.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-leak-detector": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-27.4.2.tgz", - "integrity": "sha512-ml0KvFYZllzPBJWDei3mDzUhyp/M4ubKebX++fPaudpe8OsxUE+m+P6ciVLboQsrzOCWDjE20/eXew9QMx/VGw==", - "dev": true, - "dependencies": { - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-matcher-utils": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-27.4.2.tgz", - "integrity": "sha512-jyP28er3RRtMv+fmYC/PKG8wvAmfGcSNproVTW2Y0P/OY7/hWUOmsPfxN1jOhM+0u2xU984u2yEagGivz9OBGQ==", - "dev": true, - "dependencies": { - "chalk": "^4.0.0", - "jest-diff": "^27.4.2", - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-message-util": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-27.4.2.tgz", - "integrity": "sha512-OMRqRNd9E0DkBLZpFtZkAGYOXl6ZpoMtQJWTAREJKDOFa0M6ptB7L67tp+cszMBkvSgKOhNtQp2Vbcz3ZZKo/w==", - "dev": true, - "dependencies": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^27.4.2", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "micromatch": "^4.0.4", - "pretty-format": "^27.4.2", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-mock": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-27.4.2.tgz", - "integrity": "sha512-PDDPuyhoukk20JrQKeofK12hqtSka7mWH0QQuxSNgrdiPsrnYYLS6wbzu/HDlxZRzji5ylLRULeuI/vmZZDrYA==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "@types/node": "*" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-pnp-resolver": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", - "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==", - "dev": true, - "engines": { - "node": ">=6" - }, - "peerDependencies": { - "jest-resolve": "*" - }, - "peerDependenciesMeta": { - "jest-resolve": { - "optional": true - } - } - }, - "node_modules/jest-regex-util": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-27.4.0.tgz", - "integrity": "sha512-WeCpMpNnqJYMQoOjm1nTtsgbR4XHAk1u00qDoNBQoykM280+/TmgA5Qh5giC1ecy6a5d4hbSsHzpBtu5yvlbEg==", - "dev": true, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-resolve": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-27.4.5.tgz", - "integrity": "sha512-xU3z1BuOz/hUhVUL+918KqUgK+skqOuUsAi7A+iwoUldK6/+PW+utK8l8cxIWT9AW7IAhGNXjSAh1UYmjULZZw==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-resolve-dependencies": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-27.4.5.tgz", - "integrity": "sha512-elEVvkvRK51y037NshtEkEnukMBWvlPzZHiL847OrIljJ8yIsujD2GXRPqDXC4rEVKbcdsy7W0FxoZb4WmEs7w==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-snapshot": "^27.4.5" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-runner": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-27.4.5.tgz", - "integrity": "sha512-/irauncTfmY1WkTaRQGRWcyQLzK1g98GYG/8QvIPviHgO1Fqz1JYeEIsSfF+9mc/UTA6S+IIHFgKyvUrtiBIZg==", - "dev": true, - "dependencies": { - "@jest/console": "^27.4.2", - "@jest/environment": "^27.4.4", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.8.1", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-docblock": "^27.4.0", - "jest-environment-jsdom": "^27.4.4", - "jest-environment-node": "^27.4.4", - "jest-haste-map": "^27.4.5", - "jest-leak-detector": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-resolve": "^27.4.5", - "jest-runtime": "^27.4.5", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "source-map-support": "^0.5.6", - "throat": "^6.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-runtime": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-27.4.5.tgz", - "integrity": "sha512-CIYqwuJQXHQtPd/idgrx4zgJ6iCb6uBjQq1RSAGQrw2S8XifDmoM1Ot8NRd80ooAm+ZNdHVwsktIMGlA1F1FAQ==", - "dev": true, - "dependencies": { - "@jest/console": "^27.4.2", - "@jest/environment": "^27.4.4", - "@jest/globals": "^27.4.4", - "@jest/source-map": "^27.4.0", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/yargs": "^16.0.0", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-message-util": "^27.4.2", - "jest-mock": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "slash": "^3.0.0", - "strip-bom": "^4.0.0", - "yargs": "^16.2.0" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-serializer": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-27.4.0.tgz", - "integrity": "sha512-RDhpcn5f1JYTX2pvJAGDcnsNTnsV9bjYPU8xcV+xPwOXnUPOQwf4ZEuiU6G9H1UztH+OapMgu/ckEVwO87PwnQ==", - "dev": true, - "dependencies": { - "@types/node": "*", - "graceful-fs": "^4.2.4" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-snapshot": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-27.4.5.tgz", - "integrity": "sha512-eCi/iM1YJFrJWiT9de4+RpWWWBqsHiYxFG9V9o/n0WXs6GpW4lUt4FAHAgFPTLPqCUVzrMQmSmTZSgQzwqR7IQ==", - "dev": true, - "dependencies": { - "@babel/core": "^7.7.2", - "@babel/generator": "^7.7.2", - "@babel/parser": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.0.0", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/babel__traverse": "^7.0.4", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^27.4.2", - "graceful-fs": "^4.2.4", - "jest-diff": "^27.4.2", - "jest-get-type": "^27.4.0", - "jest-haste-map": "^27.4.5", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-resolve": "^27.4.5", - "jest-util": "^27.4.2", - "natural-compare": "^1.4.0", - "pretty-format": "^27.4.2", - "semver": "^7.3.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-snapshot/node_modules/semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", - "dev": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jest-util": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-27.4.2.tgz", - "integrity": "sha512-YuxxpXU6nlMan9qyLuxHaMMOzXAl5aGZWCSzben5DhLHemYQxCc4YK+4L3ZrCutT8GPQ+ui9k5D8rUJoDioMnA==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.4", - "picomatch": "^2.2.3" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-validate": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-27.4.2.tgz", - "integrity": "sha512-hWYsSUej+Fs8ZhOm5vhWzwSLmVaPAxRy+Mr+z5MzeaHm9AxUpXdoVMEW4R86y5gOobVfBsMFLk4Rb+QkiEpx1A==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^27.4.0", - "leven": "^3.1.0", - "pretty-format": "^27.4.2" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-validate/node_modules/camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/jest-watcher": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-27.4.2.tgz", - "integrity": "sha512-NJvMVyyBeXfDezhWzUOCOYZrUmkSCiatpjpm+nFUid74OZEHk6aMLrZAukIiFDwdbqp6mTM6Ui1w4oc+8EobQg==", - "dev": true, - "dependencies": { - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "jest-util": "^27.4.2", - "string-length": "^4.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/jest-worker": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-27.4.5.tgz", - "integrity": "sha512-f2s8kEdy15cv9r7q4KkzGXvlY0JTcmCbMHZBfSQDwW77REr45IDWwd0lksDFeVHH2jJ5pqb90T77XscrjeGzzg==", - "dev": true, - "dependencies": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "engines": { - "node": ">= 10.13.0" - } - }, - "node_modules/jest-worker/node_modules/supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/supports-color?sponsor=1" - } - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "node_modules/js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "dependencies": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - }, - "bin": { - "js-yaml": "bin/js-yaml.js" - } - }, - "node_modules/jsdom": { - "version": "16.7.0", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.7.0.tgz", - "integrity": "sha512-u9Smc2G1USStM+s/x1ru5Sxrl6mPYCbByG1U/hUmqaVsm4tbNyS7CicOSRyuGQYZhTu0h84qkZZQ/I+dzizSVw==", - "dev": true, - "dependencies": { - "abab": "^2.0.5", - "acorn": "^8.2.4", - "acorn-globals": "^6.0.0", - "cssom": "^0.4.4", - "cssstyle": "^2.3.0", - "data-urls": "^2.0.0", - "decimal.js": "^10.2.1", - "domexception": "^2.0.1", - "escodegen": "^2.0.0", - "form-data": "^3.0.0", - "html-encoding-sniffer": "^2.0.1", - "http-proxy-agent": "^4.0.1", - "https-proxy-agent": "^5.0.0", - "is-potential-custom-element-name": "^1.0.1", - "nwsapi": "^2.2.0", - "parse5": "6.0.1", - "saxes": "^5.0.1", - "symbol-tree": "^3.2.4", - "tough-cookie": "^4.0.0", - "w3c-hr-time": "^1.0.2", - "w3c-xmlserializer": "^2.0.0", - "webidl-conversions": "^6.1.0", - "whatwg-encoding": "^1.0.5", - "whatwg-mimetype": "^2.3.0", - "whatwg-url": "^8.5.0", - "ws": "^7.4.6", - "xml-name-validator": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "peerDependencies": { - "canvas": "^2.5.0" - }, - "peerDependenciesMeta": { - "canvas": { - "optional": true - } - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true, - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json5": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.0.tgz", - "integrity": "sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA==", - "dev": true, - "dependencies": { - "minimist": "^1.2.5" - }, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/levn": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", - "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", - "dev": true, - "dependencies": { - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "dependencies": { - "p-locate": "^4.1.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", - "dev": true - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "dependencies": { - "semver": "^6.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "dependencies": { - "tmpl": "1.0.5" - } - }, - "node_modules/merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "node_modules/micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", - "dev": true, - "dependencies": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" - }, - "engines": { - "node": ">=8.6" - } - }, - "node_modules/mime-db": { - "version": "1.51.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.51.0.tgz", - "integrity": "sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g==", - "dev": true, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.34", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.34.tgz", - "integrity": "sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A==", - "dev": true, - "dependencies": { - "mime-db": "1.51.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minimist": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", - "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", - "dev": true - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "node_modules/natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node_modules/node-fetch": { - "version": "2.6.7", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", - "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", - "dependencies": { - "whatwg-url": "^5.0.0" - }, - "engines": { - "node": "4.x || >=6.0.0" - }, - "peerDependencies": { - "encoding": "^0.1.0" - }, - "peerDependenciesMeta": { - "encoding": { - "optional": true - } - } - }, - "node_modules/node-fetch/node_modules/tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=" - }, - "node_modules/node-fetch/node_modules/webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=" - }, - "node_modules/node-fetch/node_modules/whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=", - "dependencies": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - }, - "node_modules/node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node_modules/node-releases": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.1.tgz", - "integrity": "sha512-CqyzN6z7Q6aMeF/ktcMVTzhAHCEpf8SOarwpzpf8pNBY2k5/oM34UHldUwp8VKI7uxct2HxSRdJjBaZeESzcxA==", - "dev": true - }, - "node_modules/normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "dependencies": { - "path-key": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/nwsapi": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", - "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", - "dev": true - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/optionator": { - "version": "0.8.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", - "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", - "dev": true, - "dependencies": { - "deep-is": "~0.1.3", - "fast-levenshtein": "~2.0.6", - "levn": "~0.3.0", - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2", - "word-wrap": "~1.2.3" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "dependencies": { - "p-try": "^2.0.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "dependencies": { - "p-limit": "^2.2.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/parse5": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", - "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==", - "dev": true - }, - "node_modules/path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "node_modules/picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "node_modules/picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true, - "engines": { - "node": ">=8.6" - }, - "funding": { - "url": "https://github.com/sponsors/jonschlinkert" - } - }, - "node_modules/pirates": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.4.tgz", - "integrity": "sha512-ZIrVPH+A52Dw84R0L3/VS9Op04PuQ2SEoJL6bkshmiTic/HldyW9Tf7oH5mhJZBK7NmDx27vSMrYEXPXclpDKw==", - "dev": true, - "engines": { - "node": ">= 6" - } - }, - "node_modules/pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "dependencies": { - "find-up": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/prelude-ls": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", - "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", - "dev": true, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/pretty-format": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-27.4.2.tgz", - "integrity": "sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==", - "dev": true, - "dependencies": { - "@jest/types": "^27.4.2", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^17.0.1" - }, - "engines": { - "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" - } - }, - "node_modules/pretty-format/node_modules/ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "dependencies": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/react-is": { - "version": "17.0.2", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz", - "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==", - "dev": true - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve": { - "version": "1.21.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.21.0.tgz", - "integrity": "sha512-3wCbTpk5WJlyE4mSOtDLhqQmGFi0/TD9VPwmiolnk8U0wRgMEktqCXd3vy5buTO3tljvalNvKrjHEfrd2WpEKA==", - "dev": true, - "dependencies": { - "is-core-module": "^2.8.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - }, - "bin": { - "resolve": "bin/resolve" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "dependencies": { - "resolve-from": "^5.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/resolve.exports": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.0.tgz", - "integrity": "sha512-J1l+Zxxp4XK3LUDZ9m60LRJF/mAe4z6a4xyabPHk7pvK5t35dACV32iIjJDFeWZFfZlO29w6SZ67knR0tHzJtQ==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "node_modules/safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "node_modules/saxes": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/saxes/-/saxes-5.0.1.tgz", - "integrity": "sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw==", - "dev": true, - "dependencies": { - "xmlchars": "^2.2.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", - "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", - "dev": true, - "bin": { - "semver": "bin/semver.js" - } - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/signal-exit": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", - "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==", - "dev": true - }, - "node_modules/sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "node_modules/slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/source-map-support": { - "version": "0.5.21", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", - "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==", - "dev": true, - "dependencies": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "node_modules/stack-utils": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.5.tgz", - "integrity": "sha512-xrQcmYhOsn/1kX+Vraq+7j4oE2j/6BFscZ0etmYg81xuM8Gq0022Pxb8+IqgOFUIaxHs0KaSb7T1+OegiNrNFA==", - "dev": true, - "dependencies": { - "escape-string-regexp": "^2.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "dependencies": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-hyperlinks": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.2.0.tgz", - "integrity": "sha512-6sXEzV5+I5j8Bmq9/vUphGRM/RJNT9SCURJLjwfOg51heRtguGWDzcaBlgAzKhQa0EVNpPEKzQuBwZ8S8WaCeQ==", - "dev": true, - "dependencies": { - "has-flag": "^4.0.0", - "supports-color": "^7.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/symbol-tree": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", - "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", - "dev": true - }, - "node_modules/terminal-link": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", - "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", - "dev": true, - "dependencies": { - "ansi-escapes": "^4.2.1", - "supports-hyperlinks": "^2.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "dependencies": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/throat": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.1.tgz", - "integrity": "sha512-8hmiGIJMDlwjg7dlJ4yKGLK8EsYqKgPWbG3b4wjJddKNwc7N7Dpn08Df4szr/sZdMVeOstrdYSsqzX6BYbcB+w==", - "dev": true - }, - "node_modules/tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "dependencies": { - "is-number": "^7.0.0" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/tough-cookie": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.0.0.tgz", - "integrity": "sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg==", - "dev": true, - "dependencies": { - "psl": "^1.1.33", - "punycode": "^2.1.1", - "universalify": "^0.1.2" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/tr46": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-2.1.0.tgz", - "integrity": "sha512-15Ih7phfcdP5YxqiB+iDtLoaTz4Nd35+IiAv0kQ5FNKHzXgdWqPoTIqEDDJmXceQt4JZk6lVPT8lnDlPpGDppw==", - "dev": true, - "dependencies": { - "punycode": "^2.1.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/type-check": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", - "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", - "dev": true, - "dependencies": { - "prelude-ls": "~1.1.2" - }, - "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/typedarray-to-buffer": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", - "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", - "dev": true, - "dependencies": { - "is-typedarray": "^1.0.0" - } - }, - "node_modules/universalify": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", - "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==", - "dev": true, - "engines": { - "node": ">= 4.0.0" - } - }, - "node_modules/v8-to-istanbul": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-8.1.0.tgz", - "integrity": "sha512-/PRhfd8aTNp9Ggr62HPzXg2XasNFGy5PBt0Rp04du7/8GNNSgxFL6WBTkgMKSL9bFjH+8kKEG3f37FmxiTqUUA==", - "dev": true, - "dependencies": { - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0", - "source-map": "^0.7.3" - }, - "engines": { - "node": ">=10.12.0" - } - }, - "node_modules/v8-to-istanbul/node_modules/source-map": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", - "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", - "dev": true, - "engines": { - "node": ">= 8" - } - }, - "node_modules/w3c-hr-time": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", - "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", - "dev": true, - "dependencies": { - "browser-process-hrtime": "^1.0.0" - } - }, - "node_modules/w3c-xmlserializer": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz", - "integrity": "sha512-4tzD0mF8iSiMiNs30BiLO3EpfGLZUT2MSX/G+o7ZywDzliWQ3OPtTZ0PTC3B3ca1UAf4cJMHB+2Bf56EriJuRA==", - "dev": true, - "dependencies": { - "xml-name-validator": "^3.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "dependencies": { - "makeerror": "1.0.12" - } - }, - "node_modules/webidl-conversions": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-6.1.0.tgz", - "integrity": "sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==", - "dev": true, - "engines": { - "node": ">=10.4" - } - }, - "node_modules/whatwg-encoding": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", - "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", - "dev": true, - "dependencies": { - "iconv-lite": "0.4.24" - } - }, - "node_modules/whatwg-mimetype": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", - "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", - "dev": true - }, - "node_modules/whatwg-url": { - "version": "8.7.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-8.7.0.tgz", - "integrity": "sha512-gAojqb/m9Q8a5IV96E3fHJM70AzCkgt4uXYX2O7EmuyOnLrViCQlsEBmF9UQIu3/aeAIp2U17rtbpZWNntQqdg==", - "dev": true, - "dependencies": { - "lodash": "^4.7.0", - "tr46": "^2.1.0", - "webidl-conversions": "^6.1.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "node_modules/write-file-atomic": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", - "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", - "dev": true, - "dependencies": { - "imurmurhash": "^0.1.4", - "is-typedarray": "^1.0.0", - "signal-exit": "^3.0.2", - "typedarray-to-buffer": "^3.1.5" - } - }, - "node_modules/ws": { - "version": "7.5.6", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.6.tgz", - "integrity": "sha512-6GLgCqo2cy2A2rjCNFlxQS6ZljG/coZfZXclldI8FB/1G3CCI36Zd8xy2HrFVACi8tfk5XrgLQEk+P0Tnz9UcA==", - "dev": true, - "engines": { - "node": ">=8.3.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, - "node_modules/xml-name-validator": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", - "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", - "dev": true - }, - "node_modules/xmlchars": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", - "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", - "dev": true - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "node_modules/yargs": { - "version": "16.2.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", - "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", - "dev": true, - "dependencies": { - "cliui": "^7.0.2", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.0", - "y18n": "^5.0.5", - "yargs-parser": "^20.2.2" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/yargs-parser": { - "version": "20.2.9", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", - "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", - "dev": true, - "engines": { - "node": ">=10" - } + "name": "@securecodebox/hook-persistence-azure-monitor", + "version": "1.0.0", + "lockfileVersion": 2, + "requires": true, + "packages": { + "": { + "name": "@securecodebox/hook-persistence-azure-monitor", + "version": "1.0.0", + "license": "Apache-2.0", + "dependencies": { + "node-fetch": "2.6" + }, + "devDependencies": { + "jest": "^27.0.6" + } + }, + "node_modules/@babel/code-frame": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz", + "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==", + "dev": true, + "dependencies": { + "@babel/highlight": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/compat-data": { + "version": "7.16.4", + "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.16.4.tgz", + "integrity": "sha512-1o/jo7D+kC9ZjHX5v+EHrdjl3PhxMrLSOTGsOdHJ+KL8HCaEK6ehrVL2RS6oHDZp+L7xLirLrPmQtEng769J/Q==", + "dev": true, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/core": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.16.7.tgz", + "integrity": "sha512-aeLaqcqThRNZYmbMqtulsetOQZ/5gbR/dWruUCJcpas4Qoyy+QeagfDsPdMrqwsPRDNxJvBlRiZxxX7THO7qtA==", + "dev": true, + "dependencies": { + "@babel/code-frame": "^7.16.7", + "@babel/generator": "^7.16.7", + "@babel/helper-compilation-targets": "^7.16.7", + "@babel/helper-module-transforms": "^7.16.7", + "@babel/helpers": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.2", + "json5": "^2.1.2", + "semver": "^6.3.0", + "source-map": "^0.5.0" + }, + "engines": { + "node": ">=6.9.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/babel" + } + }, + "node_modules/@babel/core/node_modules/source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/@babel/generator": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.16.7.tgz", + "integrity": "sha512-/ST3Sg8MLGY5HVYmrjOgL60ENux/HfO/CsUh7y4MalThufhE/Ff/6EibFDHi4jiDCaWfJKoqbE6oTh21c5hrRg==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7", + "jsesc": "^2.5.1", + "source-map": "^0.5.0" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/generator/node_modules/source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/@babel/helper-compilation-targets": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.16.7.tgz", + "integrity": "sha512-mGojBwIWcwGD6rfqgRXVlVYmPAv7eOpIemUG3dGnDdCY4Pae70ROij3XmfrH6Fa1h1aiDylpglbZyktfzyo/hA==", + "dev": true, + "dependencies": { + "@babel/compat-data": "^7.16.4", + "@babel/helper-validator-option": "^7.16.7", + "browserslist": "^4.17.5", + "semver": "^6.3.0" + }, + "engines": { + "node": ">=6.9.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0" + } + }, + "node_modules/@babel/helper-environment-visitor": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz", + "integrity": "sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-function-name": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz", + "integrity": "sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA==", + "dev": true, + "dependencies": { + "@babel/helper-get-function-arity": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-get-function-arity": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz", + "integrity": "sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-hoist-variables": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz", + "integrity": "sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-module-imports": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz", + "integrity": "sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-module-transforms": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.16.7.tgz", + "integrity": "sha512-gaqtLDxJEFCeQbYp9aLAefjhkKdjKcdh6DB7jniIGU3Pz52WAmP268zK0VgPz9hUNkMSYeH976K2/Y6yPadpng==", + "dev": true, + "dependencies": { + "@babel/helper-environment-visitor": "^7.16.7", + "@babel/helper-module-imports": "^7.16.7", + "@babel/helper-simple-access": "^7.16.7", + "@babel/helper-split-export-declaration": "^7.16.7", + "@babel/helper-validator-identifier": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-plugin-utils": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.16.7.tgz", + "integrity": "sha512-Qg3Nk7ZxpgMrsox6HreY1ZNKdBq7K72tDSliA6dCl5f007jR4ne8iD5UzuNnCJH2xBf2BEEVGr+/OL6Gdp7RxA==", + "dev": true, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-simple-access": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.16.7.tgz", + "integrity": "sha512-ZIzHVyoeLMvXMN/vok/a4LWRy8G2v205mNP0XOuf9XRLyX5/u9CnVulUtDgUTama3lT+bf/UqucuZjqiGuTS1g==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-split-export-declaration": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz", + "integrity": "sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw==", + "dev": true, + "dependencies": { + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-validator-identifier": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz", + "integrity": "sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw==", + "dev": true, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-validator-option": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.16.7.tgz", + "integrity": "sha512-TRtenOuRUVo9oIQGPC5G9DgK4743cdxvtOw0weQNpZXaS16SCBi5MNjZF8vba3ETURjZpTbVn7Vvcf2eAwFozQ==", + "dev": true, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helpers": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.16.7.tgz", + "integrity": "sha512-9ZDoqtfY7AuEOt3cxchfii6C7GDyyMBffktR5B2jvWv8u2+efwvpnVKXMWzNehqy68tKgAfSwfdw/lWpthS2bw==", + "dev": true, + "dependencies": { + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/highlight": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.7.tgz", + "integrity": "sha512-aKpPMfLvGO3Q97V0qhw/V2SWNWlwfJknuwAunU7wZLSfrM4xTBvg7E5opUVi1kJTBKihE38CPg4nBiqX83PWYw==", + "dev": true, + "dependencies": { + "@babel/helper-validator-identifier": "^7.16.7", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/highlight/node_modules/ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "dependencies": { + "color-convert": "^1.9.0" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/@babel/highlight/node_modules/chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "dependencies": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/@babel/highlight/node_modules/color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "dependencies": { + "color-name": "1.1.3" + } + }, + "node_modules/@babel/highlight/node_modules/color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "node_modules/@babel/highlight/node_modules/escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true, + "engines": { + "node": ">=0.8.0" + } + }, + "node_modules/@babel/highlight/node_modules/has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true, + "engines": { + "node": ">=4" + } + }, + "node_modules/@babel/highlight/node_modules/supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "dependencies": { + "has-flag": "^3.0.0" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/@babel/parser": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.16.7.tgz", + "integrity": "sha512-sR4eaSrnM7BV7QPzGfEX5paG/6wrZM3I0HDzfIAK06ESvo9oy3xBuVBxE3MbQaKNhvg8g/ixjMWo2CGpzpHsDA==", + "dev": true, + "bin": { + "parser": "bin/babel-parser.js" + }, + "engines": { + "node": ">=6.0.0" + } + }, + "node_modules/@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-class-properties": { + "version": "7.12.13", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.12.13" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-import-meta": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.10.4" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.10.4" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-numeric-separator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.10.4" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.8.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-top-level-await": { + "version": "7.14.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.14.5" + }, + "engines": { + "node": ">=6.9.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/plugin-syntax-typescript": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.16.7.tgz", + "integrity": "sha512-YhUIJHHGkqPgEcMYkPCKTyGUdoGKWtopIycQyjJH8OjvRgOYsXsaKehLVPScKJWAULPxMa4N1vCe6szREFlZ7A==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0-0" + } + }, + "node_modules/@babel/template": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz", + "integrity": "sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w==", + "dev": true, + "dependencies": { + "@babel/code-frame": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/types": "^7.16.7" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/traverse": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.7.tgz", + "integrity": "sha512-8KWJPIb8c2VvY8AJrydh6+fVRo2ODx1wYBU2398xJVq0JomuLBZmVQzLPBblJgHIGYG4znCpUZUZ0Pt2vdmVYQ==", + "dev": true, + "dependencies": { + "@babel/code-frame": "^7.16.7", + "@babel/generator": "^7.16.7", + "@babel/helper-environment-visitor": "^7.16.7", + "@babel/helper-function-name": "^7.16.7", + "@babel/helper-hoist-variables": "^7.16.7", + "@babel/helper-split-export-declaration": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/types": "^7.16.7", + "debug": "^4.1.0", + "globals": "^11.1.0" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/types": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.16.7.tgz", + "integrity": "sha512-E8HuV7FO9qLpx6OtoGfUQ2cjIYnbFwvZWYBS+87EwtdMvmUPJSwykpovFB+8insbpF0uJcpr8KMUi64XZntZcg==", + "dev": true, + "dependencies": { + "@babel/helper-validator-identifier": "^7.16.7", + "to-fast-properties": "^2.0.0" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "node_modules/@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "dependencies": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/@istanbuljs/schema": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/@jest/console": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-27.4.2.tgz", + "integrity": "sha512-xknHThRsPB/To1FUbi6pCe43y58qFC03zfb6R7fDb/FfC7k2R3i1l+izRBJf8DI46KhYGRaF14Eo9A3qbBoixg==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "jest-message-util": "^27.4.2", + "jest-util": "^27.4.2", + "slash": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/core": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-27.4.5.tgz", + "integrity": "sha512-3tm/Pevmi8bDsgvo73nX8p/WPng6KWlCyScW10FPEoN1HU4pwI83tJ3TsFvi1FfzsjwUlMNEPowgb/rPau/LTQ==", + "dev": true, + "dependencies": { + "@jest/console": "^27.4.2", + "@jest/reporters": "^27.4.5", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "ansi-escapes": "^4.2.1", + "chalk": "^4.0.0", + "emittery": "^0.8.1", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^27.4.2", + "jest-config": "^27.4.5", + "jest-haste-map": "^27.4.5", + "jest-message-util": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-resolve-dependencies": "^27.4.5", + "jest-runner": "^27.4.5", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "jest-watcher": "^27.4.2", + "micromatch": "^4.0.4", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + }, + "peerDependenciesMeta": { + "node-notifier": { + "optional": true + } + } + }, + "node_modules/@jest/environment": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-27.4.4.tgz", + "integrity": "sha512-q+niMx7cJgt/t/b6dzLOh4W8Ef/8VyKG7hxASK39jakijJzbFBGpptx3RXz13FFV7OishQ9lTbv+dQ5K3EhfDQ==", + "dev": true, + "dependencies": { + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/fake-timers": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-27.4.2.tgz", + "integrity": "sha512-f/Xpzn5YQk5adtqBgvw1V6bF8Nx3hY0OIRRpCvWcfPl0EAjdqWPdhH3t/3XpiWZqtjIEHDyMKP9ajpva1l4Zmg==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "@sinonjs/fake-timers": "^8.0.1", + "@types/node": "*", + "jest-message-util": "^27.4.2", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/globals": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-27.4.4.tgz", + "integrity": "sha512-bqpqQhW30BOreXM8bA8t8JbOQzsq/WnPTnBl+It3UxAD9J8yxEAaBEylHx1dtBapAr/UBk8GidXbzmqnee8tYQ==", + "dev": true, + "dependencies": { + "@jest/environment": "^27.4.4", + "@jest/types": "^27.4.2", + "expect": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/reporters": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-27.4.5.tgz", + "integrity": "sha512-3orsG4vi8zXuBqEoy2LbnC1kuvkg1KQUgqNxmxpQgIOQEPeV0onvZu+qDQnEoX8qTQErtqn/xzcnbpeTuOLSiA==", + "dev": true, + "dependencies": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^27.4.2", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.3", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^27.4.5", + "jest-resolve": "^27.4.5", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^4.0.1", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^8.1.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + }, + "peerDependenciesMeta": { + "node-notifier": { + "optional": true + } + } + }, + "node_modules/@jest/source-map": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-27.4.0.tgz", + "integrity": "sha512-Ntjx9jzP26Bvhbm93z/AKcPRj/9wrkI88/gK60glXDx1q+IeI0rf7Lw2c89Ch6ofonB0On/iRDreQuQ6te9pgQ==", + "dev": true, + "dependencies": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/test-result": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-27.4.2.tgz", + "integrity": "sha512-kr+bCrra9jfTgxHXHa2UwoQjxvQk3Am6QbpAiJ5x/50LW8llOYrxILkqY0lZRW/hu8FXesnudbql263+EW9iNA==", + "dev": true, + "dependencies": { + "@jest/console": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/test-sequencer": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-27.4.5.tgz", + "integrity": "sha512-n5woIn/1v+FT+9hniymHPARA9upYUmfi5Pw9ewVwXCDlK4F5/Gkees9v8vdjGdAIJ2MPHLHodiajLpZZanWzEQ==", + "dev": true, + "dependencies": { + "@jest/test-result": "^27.4.2", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-runtime": "^27.4.5" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/transform": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-27.4.5.tgz", + "integrity": "sha512-PuMet2UlZtlGzwc6L+aZmR3I7CEBpqadO03pU40l2RNY2fFJ191b9/ITB44LNOhVtsyykx0OZvj0PCyuLm7Eew==", + "dev": true, + "dependencies": { + "@babel/core": "^7.1.0", + "@jest/types": "^27.4.2", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^4.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-regex-util": "^27.4.0", + "jest-util": "^27.4.2", + "micromatch": "^4.0.4", + "pirates": "^4.0.1", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@jest/types": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-27.4.2.tgz", + "integrity": "sha512-j35yw0PMTPpZsUoOBiuHzr1zTYoad1cVIE0ajEjcrJONxxrko/IRGKkXx3os0Nsi4Hu3+5VmDbVfq5WhG/pWAg==", + "dev": true, + "dependencies": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^3.0.0", + "@types/node": "*", + "@types/yargs": "^16.0.0", + "chalk": "^4.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/@sinonjs/commons": { + "version": "1.8.3", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz", + "integrity": "sha512-xkNcLAn/wZaX14RPlwizcKicDk9G3F8m2nU3L7Ukm5zBgTwiT0wsoFAHx9Jq56fJA1z/7uKGtCRu16sOUCLIHQ==", + "dev": true, + "dependencies": { + "type-detect": "4.0.8" + } + }, + "node_modules/@sinonjs/fake-timers": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-8.1.0.tgz", + "integrity": "sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==", + "dev": true, + "dependencies": { + "@sinonjs/commons": "^1.7.0" + } + }, + "node_modules/@tootallnate/once": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-1.1.2.tgz", + "integrity": "sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw==", + "dev": true, + "engines": { + "node": ">= 6" + } + }, + "node_modules/@types/babel__core": { + "version": "7.1.18", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.18.tgz", + "integrity": "sha512-S7unDjm/C7z2A2R9NzfKCK1I+BAALDtxEmsJBwlB3EzNfb929ykjL++1CK9LO++EIp2fQrC8O+BwjKvz6UeDyQ==", + "dev": true, + "dependencies": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "node_modules/@types/babel__generator": { + "version": "7.6.4", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", + "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", + "dev": true, + "dependencies": { + "@babel/types": "^7.0.0" + } + }, + "node_modules/@types/babel__template": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", + "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", + "dev": true, + "dependencies": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "node_modules/@types/babel__traverse": { + "version": "7.14.2", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", + "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", + "dev": true, + "dependencies": { + "@babel/types": "^7.3.0" + } + }, + "node_modules/@types/graceful-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", + "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", + "dev": true, + "dependencies": { + "@types/node": "*" + } + }, + "node_modules/@types/istanbul-lib-coverage": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true + }, + "node_modules/@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "dependencies": { + "@types/istanbul-lib-coverage": "*" + } + }, + "node_modules/@types/istanbul-reports": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", + "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, + "dependencies": { + "@types/istanbul-lib-report": "*" + } + }, + "node_modules/@types/node": { + "version": "17.0.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.7.tgz", + "integrity": "sha512-1QUk+WAUD4t8iR+Oj+UgI8oJa6yyxaB8a8pHaC8uqM6RrS1qbL7bf3Pwl5rHv0psm2CuDErgho6v5N+G+5fwtQ==", + "dev": true + }, + "node_modules/@types/prettier": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.2.tgz", + "integrity": "sha512-ekoj4qOQYp7CvjX8ZDBgN86w3MqQhLE1hczEJbEIjgFEumDy+na/4AJAbLXfgEWFNB2pKadM5rPFtuSGMWK7xA==", + "dev": true + }, + "node_modules/@types/stack-utils": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", + "dev": true + }, + "node_modules/@types/yargs": { + "version": "16.0.4", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-16.0.4.tgz", + "integrity": "sha512-T8Yc9wt/5LbJyCaLiHPReJa0kApcIgJ7Bn735GjItUfh08Z1pJvu8QZqb9s+mMvKV6WUQRV7K2R46YbjMXTTJw==", + "dev": true, + "dependencies": { + "@types/yargs-parser": "*" + } + }, + "node_modules/@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", + "dev": true + }, + "node_modules/abab": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.5.tgz", + "integrity": "sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q==", + "dev": true + }, + "node_modules/acorn": { + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.7.0.tgz", + "integrity": "sha512-V/LGr1APy+PXIwKebEWrkZPwoeoF+w1jiOBUmuxuiUIaOHtob8Qc9BTrYo7VuI5fR8tqsy+buA2WFooR5olqvQ==", + "dev": true, + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/acorn-globals": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-6.0.0.tgz", + "integrity": "sha512-ZQl7LOWaF5ePqqcX4hLuv/bLXYQNfNWw2c0/yX/TsPRKamzHcTGQnlCjHT3TsmkOUVEPS3crCxiPfdzE/Trlhg==", + "dev": true, + "dependencies": { + "acorn": "^7.1.1", + "acorn-walk": "^7.1.1" + } + }, + "node_modules/acorn-globals/node_modules/acorn": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "dev": true, + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/acorn-walk": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-7.2.0.tgz", + "integrity": "sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==", + "dev": true, + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dev": true, + "dependencies": { + "debug": "4" + }, + "engines": { + "node": ">= 6.0.0" + } + }, + "node_modules/ansi-escapes": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, + "dependencies": { + "type-fest": "^0.21.3" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/anymatch": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", + "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "dev": true, + "dependencies": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "dependencies": { + "sprintf-js": "~1.0.2" + } + }, + "node_modules/asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "node_modules/babel-jest": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.4.5.tgz", + "integrity": "sha512-3uuUTjXbgtODmSv/DXO9nZfD52IyC2OYTFaXGRzL0kpykzroaquCrD5+lZNafTvZlnNqZHt5pb0M08qVBZnsnA==", + "dev": true, + "dependencies": { + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/babel__core": "^7.1.14", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^27.4.0", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "@babel/core": "^7.8.0" + } + }, + "node_modules/babel-plugin-istanbul": { + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, + "dependencies": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^5.0.4", + "test-exclude": "^6.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.1.0.tgz", + "integrity": "sha512-czwUz525rkOFDJxfKK6mYfIs9zBKILyrZQxjz3ABhjQXhbhFsSbo1HW/BFcsDnfJYJWA6thRR5/TUY2qs5W99Q==", + "dev": true, + "dependencies": { + "@babel/core": "^7.12.3", + "@babel/parser": "^7.14.7", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.2.0", + "semver": "^6.3.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/babel-plugin-jest-hoist": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-27.4.0.tgz", + "integrity": "sha512-Jcu7qS4OX5kTWBc45Hz7BMmgXuJqRnhatqpUhnzGC3OBYpOmf2tv6jFNwZpwM7wU7MUuv2r9IPS/ZlYOuburVw==", + "dev": true, + "dependencies": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__core": "^7.0.0", + "@types/babel__traverse": "^7.0.6" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/babel-preset-current-node-syntax": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, + "dependencies": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-import-meta": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3", + "@babel/plugin-syntax-top-level-await": "^7.8.3" + }, + "peerDependencies": { + "@babel/core": "^7.0.0" + } + }, + "node_modules/babel-preset-jest": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-27.4.0.tgz", + "integrity": "sha512-NK4jGYpnBvNxcGo7/ZpZJr51jCGT+3bwwpVIDY2oNfTxJJldRtB4VAcYdgp1loDE50ODuTu+yBjpMAswv5tlpg==", + "dev": true, + "dependencies": { + "babel-plugin-jest-hoist": "^27.4.0", + "babel-preset-current-node-syntax": "^1.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0" + } + }, + "node_modules/balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true + }, + "node_modules/brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "dependencies": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "node_modules/braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "dependencies": { + "fill-range": "^7.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "node_modules/browserslist": { + "version": "4.19.1", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.19.1.tgz", + "integrity": "sha512-u2tbbG5PdKRTUoctO3NBD8FQ5HdPh1ZXPHzp1rwaa5jTc+RV9/+RlWiAIKmjRPQF+xbGM9Kklj5bZQFa2s/38A==", + "dev": true, + "dependencies": { + "caniuse-lite": "^1.0.30001286", + "electron-to-chromium": "^1.4.17", + "escalade": "^3.1.1", + "node-releases": "^2.0.1", + "picocolors": "^1.0.0" + }, + "bin": { + "browserslist": "cli.js" + }, + "engines": { + "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/browserslist" + } + }, + "node_modules/bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "dependencies": { + "node-int64": "^0.4.0" + } + }, + "node_modules/buffer-from": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", + "dev": true + }, + "node_modules/callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/caniuse-lite": { + "version": "1.0.30001296", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001296.tgz", + "integrity": "sha512-WfrtPEoNSoeATDlf4y3QvkwiELl9GyPLISV5GejTbbQRtQx4LhsXmc9IQ6XCL2d7UxCyEzToEZNMeqR79OUw8Q==", + "dev": true, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/browserslist" + } + }, + "node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, + "dependencies": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/char-regex": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", + "dev": true, + "engines": { + "node": ">=10" + } + }, + "node_modules/ci-info": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", + "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", + "dev": true + }, + "node_modules/cjs-module-lexer": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", + "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", + "dev": true + }, + "node_modules/cliui": { + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", + "dev": true, + "dependencies": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^7.0.0" + } + }, + "node_modules/co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true, + "engines": { + "iojs": ">= 1.0.0", + "node": ">= 0.12.0" + } + }, + "node_modules/collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" + } + }, + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "node_modules/combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "dependencies": { + "delayed-stream": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "node_modules/convert-source-map": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", + "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", + "dev": true, + "dependencies": { + "safe-buffer": "~5.1.1" + } + }, + "node_modules/cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "dependencies": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "node_modules/cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "dependencies": { + "cssom": "~0.3.6" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/cssstyle/node_modules/cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + }, + "node_modules/data-urls": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-2.0.0.tgz", + "integrity": "sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==", + "dev": true, + "dependencies": { + "abab": "^2.0.3", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^8.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/debug": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz", + "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==", + "dev": true, + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/decimal.js": { + "version": "10.3.1", + "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.3.1.tgz", + "integrity": "sha512-V0pfhfr8suzyPGOx3nmq4aHqabehUZn6Ch9kyFpV79TGDTWFmHqUqXdabR7QHqxzrYolF4+tVmJhUG4OURg5dQ==", + "dev": true + }, + "node_modules/dedent": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "integrity": "sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw=", + "dev": true + }, + "node_modules/deep-is": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", + "dev": true + }, + "node_modules/deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true, + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/diff-sequences": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-27.4.0.tgz", + "integrity": "sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==", + "dev": true, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/domexception": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-2.0.1.tgz", + "integrity": "sha512-yxJ2mFy/sibVQlu5qHjOkf9J3K6zgmCxgJ94u2EdvDOV09H+32LtRswEcUsmUWN72pVLOEnTSRaIVVzVQgS0dg==", + "dev": true, + "dependencies": { + "webidl-conversions": "^5.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/domexception/node_modules/webidl-conversions": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-5.0.0.tgz", + "integrity": "sha512-VlZwKPCkYKxQgeSbH5EyngOmRp7Ww7I9rQLERETtf5ofd9pGeswWiOtogpEO850jziPRarreGxn5QIiTqpb2wA==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/electron-to-chromium": { + "version": "1.4.33", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.33.tgz", + "integrity": "sha512-OVK1Ad3pHnmuXPhEfq85X8vUKr1UPNHryBnbKnyLcAfh8dPwoFjoDhDlP5KpPJIiymvSucZs48UBrE1250IxOw==", + "dev": true + }, + "node_modules/emittery": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.8.1.tgz", + "integrity": "sha512-uDfvUjVrfGJJhymx/kz6prltenw1u7WrCg1oa94zYY8xxVpLLUu045LAT0dhDZdXG58/EpPL/5kA180fQ/qudg==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sindresorhus/emittery?sponsor=1" + } + }, + "node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "node_modules/escalade": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", + "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/escodegen": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.0.0.tgz", + "integrity": "sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw==", + "dev": true, + "dependencies": { + "esprima": "^4.0.1", + "estraverse": "^5.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1" + }, + "bin": { + "escodegen": "bin/escodegen.js", + "esgenerate": "bin/esgenerate.js" + }, + "engines": { + "node": ">=6.0" + }, + "optionalDependencies": { + "source-map": "~0.6.1" + } + }, + "node_modules/esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true, + "bin": { + "esparse": "bin/esparse.js", + "esvalidate": "bin/esvalidate.js" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/estraverse": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", + "dev": true, + "engines": { + "node": ">=4.0" + } + }, + "node_modules/esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/execa": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, + "dependencies": { + "cross-spawn": "^7.0.3", + "get-stream": "^6.0.0", + "human-signals": "^2.1.0", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.1", + "onetime": "^5.1.2", + "signal-exit": "^3.0.3", + "strip-final-newline": "^2.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sindresorhus/execa?sponsor=1" + } + }, + "node_modules/exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/expect": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/expect/-/expect-27.4.2.tgz", + "integrity": "sha512-BjAXIDC6ZOW+WBFNg96J22D27Nq5ohn+oGcuP2rtOtcjuxNoV9McpQ60PcQWhdFOSBIQdR72e+4HdnbZTFSTyg==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "ansi-styles": "^5.0.0", + "jest-get-type": "^27.4.0", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-regex-util": "^27.4.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/expect/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, + "node_modules/fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "node_modules/fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "dependencies": { + "bser": "2.1.1" + } + }, + "node_modules/fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "dependencies": { + "to-regex-range": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "dependencies": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/form-data": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", + "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", + "dev": true, + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "node_modules/fsevents": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", + "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", + "dev": true, + "hasInstallScript": true, + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^8.16.0 || ^10.6.0 || >=11.0.0" + } + }, + "node_modules/function-bind": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", + "dev": true + }, + "node_modules/gensync": { + "version": "1.0.0-beta.2", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true, + "engines": { + "node": "6.* || 8.* || >= 10.*" + } + }, + "node_modules/get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true, + "engines": { + "node": ">=8.0.0" + } + }, + "node_modules/get-stream": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "dev": true, + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + }, + "engines": { + "node": "*" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true, + "engines": { + "node": ">=4" + } + }, + "node_modules/graceful-fs": { + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.8.tgz", + "integrity": "sha512-qkIilPUYcNhJpd33n0GBXTB1MMPp14TxEsEs0pTrsSVucApsYzW5V+Q8Qxhik6KU3evy+qkAAowTByymK0avdg==", + "dev": true + }, + "node_modules/has": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", + "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "dev": true, + "dependencies": { + "function-bind": "^1.1.1" + }, + "engines": { + "node": ">= 0.4.0" + } + }, + "node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/html-encoding-sniffer": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz", + "integrity": "sha512-D5JbOMBIR/TVZkubHT+OyT2705QvogUW4IBn6nHd756OwieSF9aDYFj4dv6HHEVGYbHaLETa3WggZYWWMyy3ZQ==", + "dev": true, + "dependencies": { + "whatwg-encoding": "^1.0.5" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "node_modules/http-proxy-agent": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz", + "integrity": "sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==", + "dev": true, + "dependencies": { + "@tootallnate/once": "1", + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/https-proxy-agent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", + "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "dev": true, + "dependencies": { + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/human-signals": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true, + "engines": { + "node": ">=10.17.0" + } + }, + "node_modules/iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "dependencies": { + "safer-buffer": ">= 2.1.2 < 3" + }, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/import-local": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz", + "integrity": "sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA==", + "dev": true, + "dependencies": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + }, + "bin": { + "import-local-fixture": "fixtures/cli.js" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true, + "engines": { + "node": ">=0.8.19" + } + }, + "node_modules/inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "dependencies": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "node_modules/inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "node_modules/is-core-module": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", + "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", + "dev": true, + "dependencies": { + "has": "^1.0.3" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true, + "engines": { + "node": ">=0.12.0" + } + }, + "node_modules/is-potential-custom-element-name": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz", + "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==", + "dev": true + }, + "node_modules/is-stream": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "dev": true, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "node_modules/isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "node_modules/istanbul-lib-coverage": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", + "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "dependencies": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "dependencies": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/istanbul-lib-source-maps": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, + "dependencies": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/istanbul-reports": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.3.tgz", + "integrity": "sha512-x9LtDVtfm/t1GFiLl3NffC7hz+I1ragvgX1P/Lg1NlIagifZDKUkuuaAxH/qpwj2IuEfD8G2Bs/UKp+sZ/pKkg==", + "dev": true, + "dependencies": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/jest": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest/-/jest-27.4.5.tgz", + "integrity": "sha512-uT5MiVN3Jppt314kidCk47MYIRilJjA/l2mxwiuzzxGUeJIvA8/pDaJOAX5KWvjAo7SCydcW0/4WEtgbLMiJkg==", + "dev": true, + "dependencies": { + "@jest/core": "^27.4.5", + "import-local": "^3.0.2", + "jest-cli": "^27.4.5" + }, + "bin": { + "jest": "bin/jest.js" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + }, + "peerDependenciesMeta": { + "node-notifier": { + "optional": true + } + } + }, + "node_modules/jest-changed-files": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-27.4.2.tgz", + "integrity": "sha512-/9x8MjekuzUQoPjDHbBiXbNEBauhrPU2ct7m8TfCg69ywt1y/N+yYwGh3gCpnqUS3klYWDU/lSNgv+JhoD2k1A==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "execa": "^5.0.0", + "throat": "^6.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-circus": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-27.4.5.tgz", + "integrity": "sha512-eTNWa9wsvBwPykhMMShheafbwyakcdHZaEYh5iRrQ0PFJxkDP/e3U/FvzGuKWu2WpwUA3C3hPlfpuzvOdTVqnw==", + "dev": true, + "dependencies": { + "@jest/environment": "^27.4.4", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "co": "^4.6.0", + "dedent": "^0.7.0", + "expect": "^27.4.2", + "is-generator-fn": "^2.0.0", + "jest-each": "^27.4.2", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.3", + "throat": "^6.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-cli": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-27.4.5.tgz", + "integrity": "sha512-hrky3DSgE0u7sQxaCL7bdebEPHx5QzYmrGuUjaPLmPE8jx5adtvGuOlRspvMoVLTTDOHRnZDoRLYJuA+VCI7Hg==", + "dev": true, + "dependencies": { + "@jest/core": "^27.4.5", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "jest-config": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "prompts": "^2.0.1", + "yargs": "^16.2.0" + }, + "bin": { + "jest": "bin/jest.js" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0" + }, + "peerDependenciesMeta": { + "node-notifier": { + "optional": true + } + } + }, + "node_modules/jest-config": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-27.4.5.tgz", + "integrity": "sha512-t+STVJtPt+fpqQ8GBw850NtSQbnDOw/UzdPfzDaHQ48/AylQlW7LHj3dH+ndxhC1UxJ0Q3qkq7IH+nM1skwTwA==", + "dev": true, + "dependencies": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^27.4.5", + "@jest/types": "^27.4.2", + "babel-jest": "^27.4.5", + "chalk": "^4.0.0", + "ci-info": "^3.2.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-circus": "^27.4.5", + "jest-environment-jsdom": "^27.4.4", + "jest-environment-node": "^27.4.4", + "jest-get-type": "^27.4.0", + "jest-jasmine2": "^27.4.5", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-runner": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "micromatch": "^4.0.4", + "pretty-format": "^27.4.2", + "slash": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "peerDependencies": { + "ts-node": ">=9.0.0" + }, + "peerDependenciesMeta": { + "ts-node": { + "optional": true + } + } + }, + "node_modules/jest-diff": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-27.4.2.tgz", + "integrity": "sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==", + "dev": true, + "dependencies": { + "chalk": "^4.0.0", + "diff-sequences": "^27.4.0", + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-docblock": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-27.4.0.tgz", + "integrity": "sha512-7TBazUdCKGV7svZ+gh7C8esAnweJoG+SvcF6Cjqj4l17zA2q1cMwx2JObSioubk317H+cjcHgP+7fTs60paulg==", + "dev": true, + "dependencies": { + "detect-newline": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-each": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-27.4.2.tgz", + "integrity": "sha512-53V2MNyW28CTruB3lXaHNk6PkiIFuzdOC9gR3C6j8YE/ACfrPnz+slB0s17AgU1TtxNzLuHyvNlLJ+8QYw9nBg==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "jest-get-type": "^27.4.0", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-environment-jsdom": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-27.4.4.tgz", + "integrity": "sha512-cYR3ndNfHBqQgFvS1RL7dNqSvD//K56j/q1s2ygNHcfTCAp12zfIromO1w3COmXrxS8hWAh7+CmZmGCIoqGcGA==", + "dev": true, + "dependencies": { + "@jest/environment": "^27.4.4", + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2", + "jsdom": "^16.6.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-environment-node": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-27.4.4.tgz", + "integrity": "sha512-D+v3lbJ2GjQTQR23TK0kY3vFVmSeea05giInI41HHOaJnAwOnmUHTZgUaZL+VxUB43pIzoa7PMwWtCVlIUoVoA==", + "dev": true, + "dependencies": { + "@jest/environment": "^27.4.4", + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-get-type": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-27.4.0.tgz", + "integrity": "sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==", + "dev": true, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-haste-map": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-27.4.5.tgz", + "integrity": "sha512-oJm1b5qhhPs78K24EDGifWS0dELYxnoBiDhatT/FThgB9yxqUm5F6li3Pv+Q+apMBmmPNzOBnZ7ZxWMB1Leq1Q==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "@types/graceful-fs": "^4.1.2", + "@types/node": "*", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-regex-util": "^27.4.0", + "jest-serializer": "^27.4.0", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "micromatch": "^4.0.4", + "walker": "^1.0.7" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + }, + "optionalDependencies": { + "fsevents": "^2.3.2" + } + }, + "node_modules/jest-jasmine2": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-27.4.5.tgz", + "integrity": "sha512-oUnvwhJDj2LhOiUB1kdnJjkx8C5PwgUZQb9urF77mELH9DGR4e2GqpWQKBOYXWs5+uTN9BGDqRz3Aeg5Wts7aw==", + "dev": true, + "dependencies": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^27.4.4", + "@jest/source-map": "^27.4.0", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "co": "^4.6.0", + "expect": "^27.4.2", + "is-generator-fn": "^2.0.0", + "jest-each": "^27.4.2", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2", + "throat": "^6.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-leak-detector": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-27.4.2.tgz", + "integrity": "sha512-ml0KvFYZllzPBJWDei3mDzUhyp/M4ubKebX++fPaudpe8OsxUE+m+P6ciVLboQsrzOCWDjE20/eXew9QMx/VGw==", + "dev": true, + "dependencies": { + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-matcher-utils": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-27.4.2.tgz", + "integrity": "sha512-jyP28er3RRtMv+fmYC/PKG8wvAmfGcSNproVTW2Y0P/OY7/hWUOmsPfxN1jOhM+0u2xU984u2yEagGivz9OBGQ==", + "dev": true, + "dependencies": { + "chalk": "^4.0.0", + "jest-diff": "^27.4.2", + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-message-util": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-27.4.2.tgz", + "integrity": "sha512-OMRqRNd9E0DkBLZpFtZkAGYOXl6ZpoMtQJWTAREJKDOFa0M6ptB7L67tp+cszMBkvSgKOhNtQp2Vbcz3ZZKo/w==", + "dev": true, + "dependencies": { + "@babel/code-frame": "^7.12.13", + "@jest/types": "^27.4.2", + "@types/stack-utils": "^2.0.0", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.4", + "pretty-format": "^27.4.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.3" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-mock": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-27.4.2.tgz", + "integrity": "sha512-PDDPuyhoukk20JrQKeofK12hqtSka7mWH0QQuxSNgrdiPsrnYYLS6wbzu/HDlxZRzji5ylLRULeuI/vmZZDrYA==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "@types/node": "*" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-pnp-resolver": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", + "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==", + "dev": true, + "engines": { + "node": ">=6" + }, + "peerDependencies": { + "jest-resolve": "*" + }, + "peerDependenciesMeta": { + "jest-resolve": { + "optional": true + } + } + }, + "node_modules/jest-regex-util": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-27.4.0.tgz", + "integrity": "sha512-WeCpMpNnqJYMQoOjm1nTtsgbR4XHAk1u00qDoNBQoykM280+/TmgA5Qh5giC1ecy6a5d4hbSsHzpBtu5yvlbEg==", + "dev": true, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-resolve": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-27.4.5.tgz", + "integrity": "sha512-xU3z1BuOz/hUhVUL+918KqUgK+skqOuUsAi7A+iwoUldK6/+PW+utK8l8cxIWT9AW7IAhGNXjSAh1UYmjULZZw==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-pnp-resolver": "^1.2.2", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "resolve": "^1.20.0", + "resolve.exports": "^1.1.0", + "slash": "^3.0.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-resolve-dependencies": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-27.4.5.tgz", + "integrity": "sha512-elEVvkvRK51y037NshtEkEnukMBWvlPzZHiL847OrIljJ8yIsujD2GXRPqDXC4rEVKbcdsy7W0FxoZb4WmEs7w==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-snapshot": "^27.4.5" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-runner": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-27.4.5.tgz", + "integrity": "sha512-/irauncTfmY1WkTaRQGRWcyQLzK1g98GYG/8QvIPviHgO1Fqz1JYeEIsSfF+9mc/UTA6S+IIHFgKyvUrtiBIZg==", + "dev": true, + "dependencies": { + "@jest/console": "^27.4.2", + "@jest/environment": "^27.4.4", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "emittery": "^0.8.1", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-docblock": "^27.4.0", + "jest-environment-jsdom": "^27.4.4", + "jest-environment-node": "^27.4.4", + "jest-haste-map": "^27.4.5", + "jest-leak-detector": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-resolve": "^27.4.5", + "jest-runtime": "^27.4.5", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "source-map-support": "^0.5.6", + "throat": "^6.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-runtime": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-27.4.5.tgz", + "integrity": "sha512-CIYqwuJQXHQtPd/idgrx4zgJ6iCb6uBjQq1RSAGQrw2S8XifDmoM1Ot8NRd80ooAm+ZNdHVwsktIMGlA1F1FAQ==", + "dev": true, + "dependencies": { + "@jest/console": "^27.4.2", + "@jest/environment": "^27.4.4", + "@jest/globals": "^27.4.4", + "@jest/source-map": "^27.4.0", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/yargs": "^16.0.0", + "chalk": "^4.0.0", + "cjs-module-lexer": "^1.0.0", + "collect-v8-coverage": "^1.0.0", + "execa": "^5.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-message-util": "^27.4.2", + "jest-mock": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^16.2.0" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-serializer": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-27.4.0.tgz", + "integrity": "sha512-RDhpcn5f1JYTX2pvJAGDcnsNTnsV9bjYPU8xcV+xPwOXnUPOQwf4ZEuiU6G9H1UztH+OapMgu/ckEVwO87PwnQ==", + "dev": true, + "dependencies": { + "@types/node": "*", + "graceful-fs": "^4.2.4" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-snapshot": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-27.4.5.tgz", + "integrity": "sha512-eCi/iM1YJFrJWiT9de4+RpWWWBqsHiYxFG9V9o/n0WXs6GpW4lUt4FAHAgFPTLPqCUVzrMQmSmTZSgQzwqR7IQ==", + "dev": true, + "dependencies": { + "@babel/core": "^7.7.2", + "@babel/generator": "^7.7.2", + "@babel/parser": "^7.7.2", + "@babel/plugin-syntax-typescript": "^7.7.2", + "@babel/traverse": "^7.7.2", + "@babel/types": "^7.0.0", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/babel__traverse": "^7.0.4", + "@types/prettier": "^2.1.5", + "babel-preset-current-node-syntax": "^1.0.0", + "chalk": "^4.0.0", + "expect": "^27.4.2", + "graceful-fs": "^4.2.4", + "jest-diff": "^27.4.2", + "jest-get-type": "^27.4.0", + "jest-haste-map": "^27.4.5", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-resolve": "^27.4.5", + "jest-util": "^27.4.2", + "natural-compare": "^1.4.0", + "pretty-format": "^27.4.2", + "semver": "^7.3.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-snapshot/node_modules/semver": { + "version": "7.3.5", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", + "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "dev": true, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/jest-util": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-27.4.2.tgz", + "integrity": "sha512-YuxxpXU6nlMan9qyLuxHaMMOzXAl5aGZWCSzben5DhLHemYQxCc4YK+4L3ZrCutT8GPQ+ui9k5D8rUJoDioMnA==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "ci-info": "^3.2.0", + "graceful-fs": "^4.2.4", + "picomatch": "^2.2.3" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-validate": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-27.4.2.tgz", + "integrity": "sha512-hWYsSUej+Fs8ZhOm5vhWzwSLmVaPAxRy+Mr+z5MzeaHm9AxUpXdoVMEW4R86y5gOobVfBsMFLk4Rb+QkiEpx1A==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "camelcase": "^6.2.0", + "chalk": "^4.0.0", + "jest-get-type": "^27.4.0", + "leven": "^3.1.0", + "pretty-format": "^27.4.2" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-validate/node_modules/camelcase": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/jest-watcher": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-27.4.2.tgz", + "integrity": "sha512-NJvMVyyBeXfDezhWzUOCOYZrUmkSCiatpjpm+nFUid74OZEHk6aMLrZAukIiFDwdbqp6mTM6Ui1w4oc+8EobQg==", + "dev": true, + "dependencies": { + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "ansi-escapes": "^4.2.1", + "chalk": "^4.0.0", + "jest-util": "^27.4.2", + "string-length": "^4.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/jest-worker": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-27.4.5.tgz", + "integrity": "sha512-f2s8kEdy15cv9r7q4KkzGXvlY0JTcmCbMHZBfSQDwW77REr45IDWwd0lksDFeVHH2jJ5pqb90T77XscrjeGzzg==", + "dev": true, + "dependencies": { + "@types/node": "*", + "merge-stream": "^2.0.0", + "supports-color": "^8.0.0" + }, + "engines": { + "node": ">= 10.13.0" + } + }, + "node_modules/jest-worker/node_modules/supports-color": { + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, + "dependencies": { + "has-flag": "^4.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/supports-color?sponsor=1" + } + }, + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "node_modules/js-yaml": { + "version": "3.14.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, + "dependencies": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + }, + "bin": { + "js-yaml": "bin/js-yaml.js" + } + }, + "node_modules/jsdom": { + "version": "16.7.0", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.7.0.tgz", + "integrity": "sha512-u9Smc2G1USStM+s/x1ru5Sxrl6mPYCbByG1U/hUmqaVsm4tbNyS7CicOSRyuGQYZhTu0h84qkZZQ/I+dzizSVw==", + "dev": true, + "dependencies": { + "abab": "^2.0.5", + "acorn": "^8.2.4", + "acorn-globals": "^6.0.0", + "cssom": "^0.4.4", + "cssstyle": "^2.3.0", + "data-urls": "^2.0.0", + "decimal.js": "^10.2.1", + "domexception": "^2.0.1", + "escodegen": "^2.0.0", + "form-data": "^3.0.0", + "html-encoding-sniffer": "^2.0.1", + "http-proxy-agent": "^4.0.1", + "https-proxy-agent": "^5.0.0", + "is-potential-custom-element-name": "^1.0.1", + "nwsapi": "^2.2.0", + "parse5": "6.0.1", + "saxes": "^5.0.1", + "symbol-tree": "^3.2.4", + "tough-cookie": "^4.0.0", + "w3c-hr-time": "^1.0.2", + "w3c-xmlserializer": "^2.0.0", + "webidl-conversions": "^6.1.0", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^8.5.0", + "ws": "^7.4.6", + "xml-name-validator": "^3.0.0" + }, + "engines": { + "node": ">=10" + }, + "peerDependencies": { + "canvas": "^2.5.0" + }, + "peerDependenciesMeta": { + "canvas": { + "optional": true } + } }, - "dependencies": { - "@babel/code-frame": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz", - "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==", - "dev": true, - "requires": { - "@babel/highlight": "^7.16.7" - } - }, - "@babel/compat-data": { - "version": "7.16.4", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.16.4.tgz", - "integrity": "sha512-1o/jo7D+kC9ZjHX5v+EHrdjl3PhxMrLSOTGsOdHJ+KL8HCaEK6ehrVL2RS6oHDZp+L7xLirLrPmQtEng769J/Q==", - "dev": true - }, - "@babel/core": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.16.7.tgz", - "integrity": "sha512-aeLaqcqThRNZYmbMqtulsetOQZ/5gbR/dWruUCJcpas4Qoyy+QeagfDsPdMrqwsPRDNxJvBlRiZxxX7THO7qtA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.16.7", - "@babel/generator": "^7.16.7", - "@babel/helper-compilation-targets": "^7.16.7", - "@babel/helper-module-transforms": "^7.16.7", - "@babel/helpers": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.2", - "json5": "^2.1.2", - "semver": "^6.3.0", - "source-map": "^0.5.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.16.7.tgz", - "integrity": "sha512-/ST3Sg8MLGY5HVYmrjOgL60ENux/HfO/CsUh7y4MalThufhE/Ff/6EibFDHi4jiDCaWfJKoqbE6oTh21c5hrRg==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7", - "jsesc": "^2.5.1", - "source-map": "^0.5.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/helper-compilation-targets": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.16.7.tgz", - "integrity": "sha512-mGojBwIWcwGD6rfqgRXVlVYmPAv7eOpIemUG3dGnDdCY4Pae70ROij3XmfrH6Fa1h1aiDylpglbZyktfzyo/hA==", - "dev": true, - "requires": { - "@babel/compat-data": "^7.16.4", - "@babel/helper-validator-option": "^7.16.7", - "browserslist": "^4.17.5", - "semver": "^6.3.0" - } - }, - "@babel/helper-environment-visitor": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz", - "integrity": "sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-function-name": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz", - "integrity": "sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA==", - "dev": true, - "requires": { - "@babel/helper-get-function-arity": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-get-function-arity": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz", - "integrity": "sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-hoist-variables": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz", - "integrity": "sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-module-imports": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz", - "integrity": "sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-module-transforms": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.16.7.tgz", - "integrity": "sha512-gaqtLDxJEFCeQbYp9aLAefjhkKdjKcdh6DB7jniIGU3Pz52WAmP268zK0VgPz9hUNkMSYeH976K2/Y6yPadpng==", - "dev": true, - "requires": { - "@babel/helper-environment-visitor": "^7.16.7", - "@babel/helper-module-imports": "^7.16.7", - "@babel/helper-simple-access": "^7.16.7", - "@babel/helper-split-export-declaration": "^7.16.7", - "@babel/helper-validator-identifier": "^7.16.7", - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.16.7.tgz", - "integrity": "sha512-Qg3Nk7ZxpgMrsox6HreY1ZNKdBq7K72tDSliA6dCl5f007jR4ne8iD5UzuNnCJH2xBf2BEEVGr+/OL6Gdp7RxA==", - "dev": true - }, - "@babel/helper-simple-access": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.16.7.tgz", - "integrity": "sha512-ZIzHVyoeLMvXMN/vok/a4LWRy8G2v205mNP0XOuf9XRLyX5/u9CnVulUtDgUTama3lT+bf/UqucuZjqiGuTS1g==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz", - "integrity": "sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw==", - "dev": true, - "requires": { - "@babel/types": "^7.16.7" - } - }, - "@babel/helper-validator-identifier": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz", - "integrity": "sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw==", - "dev": true - }, - "@babel/helper-validator-option": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.16.7.tgz", - "integrity": "sha512-TRtenOuRUVo9oIQGPC5G9DgK4743cdxvtOw0weQNpZXaS16SCBi5MNjZF8vba3ETURjZpTbVn7Vvcf2eAwFozQ==", - "dev": true - }, - "@babel/helpers": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.16.7.tgz", - "integrity": "sha512-9ZDoqtfY7AuEOt3cxchfii6C7GDyyMBffktR5B2jvWv8u2+efwvpnVKXMWzNehqy68tKgAfSwfdw/lWpthS2bw==", - "dev": true, - "requires": { - "@babel/template": "^7.16.7", - "@babel/traverse": "^7.16.7", - "@babel/types": "^7.16.7" - } - }, - "@babel/highlight": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.7.tgz", - "integrity": "sha512-aKpPMfLvGO3Q97V0qhw/V2SWNWlwfJknuwAunU7wZLSfrM4xTBvg7E5opUVi1kJTBKihE38CPg4nBiqX83PWYw==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.16.7", - "chalk": "^2.0.0", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.16.7.tgz", - "integrity": "sha512-sR4eaSrnM7BV7QPzGfEX5paG/6wrZM3I0HDzfIAK06ESvo9oy3xBuVBxE3MbQaKNhvg8g/ixjMWo2CGpzpHsDA==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.12.13", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", - "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.12.13" - } - }, - "@babel/plugin-syntax-import-meta": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", - "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", - "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", - "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-top-level-await": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", - "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.14.5" - } - }, - "@babel/plugin-syntax-typescript": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.16.7.tgz", - "integrity": "sha512-YhUIJHHGkqPgEcMYkPCKTyGUdoGKWtopIycQyjJH8OjvRgOYsXsaKehLVPScKJWAULPxMa4N1vCe6szREFlZ7A==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.16.7" - } - }, - "@babel/template": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz", - "integrity": "sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/types": "^7.16.7" - } - }, - "@babel/traverse": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.7.tgz", - "integrity": "sha512-8KWJPIb8c2VvY8AJrydh6+fVRo2ODx1wYBU2398xJVq0JomuLBZmVQzLPBblJgHIGYG4znCpUZUZ0Pt2vdmVYQ==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.16.7", - "@babel/generator": "^7.16.7", - "@babel/helper-environment-visitor": "^7.16.7", - "@babel/helper-function-name": "^7.16.7", - "@babel/helper-hoist-variables": "^7.16.7", - "@babel/helper-split-export-declaration": "^7.16.7", - "@babel/parser": "^7.16.7", - "@babel/types": "^7.16.7", - "debug": "^4.1.0", - "globals": "^11.1.0" - } - }, - "@babel/types": { - "version": "7.16.7", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.16.7.tgz", - "integrity": "sha512-E8HuV7FO9qLpx6OtoGfUQ2cjIYnbFwvZWYBS+87EwtdMvmUPJSwykpovFB+8insbpF0uJcpr8KMUi64XZntZcg==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.16.7", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", - "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", - "dev": true - }, - "@jest/console": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-27.4.2.tgz", - "integrity": "sha512-xknHThRsPB/To1FUbi6pCe43y58qFC03zfb6R7fDb/FfC7k2R3i1l+izRBJf8DI46KhYGRaF14Eo9A3qbBoixg==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "jest-message-util": "^27.4.2", - "jest-util": "^27.4.2", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-27.4.5.tgz", - "integrity": "sha512-3tm/Pevmi8bDsgvo73nX8p/WPng6KWlCyScW10FPEoN1HU4pwI83tJ3TsFvi1FfzsjwUlMNEPowgb/rPau/LTQ==", - "dev": true, - "requires": { - "@jest/console": "^27.4.2", - "@jest/reporters": "^27.4.5", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "emittery": "^0.8.1", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-changed-files": "^27.4.2", - "jest-config": "^27.4.5", - "jest-haste-map": "^27.4.5", - "jest-message-util": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-resolve-dependencies": "^27.4.5", - "jest-runner": "^27.4.5", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "jest-watcher": "^27.4.2", - "micromatch": "^4.0.4", - "rimraf": "^3.0.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-27.4.4.tgz", - "integrity": "sha512-q+niMx7cJgt/t/b6dzLOh4W8Ef/8VyKG7hxASK39jakijJzbFBGpptx3RXz13FFV7OishQ9lTbv+dQ5K3EhfDQ==", - "dev": true, - "requires": { - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2" - } - }, - "@jest/fake-timers": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-27.4.2.tgz", - "integrity": "sha512-f/Xpzn5YQk5adtqBgvw1V6bF8Nx3hY0OIRRpCvWcfPl0EAjdqWPdhH3t/3XpiWZqtjIEHDyMKP9ajpva1l4Zmg==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "@sinonjs/fake-timers": "^8.0.1", - "@types/node": "*", - "jest-message-util": "^27.4.2", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2" - } - }, - "@jest/globals": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-27.4.4.tgz", - "integrity": "sha512-bqpqQhW30BOreXM8bA8t8JbOQzsq/WnPTnBl+It3UxAD9J8yxEAaBEylHx1dtBapAr/UBk8GidXbzmqnee8tYQ==", - "dev": true, - "requires": { - "@jest/environment": "^27.4.4", - "@jest/types": "^27.4.2", - "expect": "^27.4.2" - } - }, - "@jest/reporters": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-27.4.5.tgz", - "integrity": "sha512-3orsG4vi8zXuBqEoy2LbnC1kuvkg1KQUgqNxmxpQgIOQEPeV0onvZu+qDQnEoX8qTQErtqn/xzcnbpeTuOLSiA==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^27.4.2", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.2", - "graceful-fs": "^4.2.4", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^4.0.3", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.0.2", - "jest-haste-map": "^27.4.5", - "jest-resolve": "^27.4.5", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "slash": "^3.0.0", - "source-map": "^0.6.0", - "string-length": "^4.0.1", - "terminal-link": "^2.0.0", - "v8-to-istanbul": "^8.1.0" - } - }, - "@jest/source-map": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-27.4.0.tgz", - "integrity": "sha512-Ntjx9jzP26Bvhbm93z/AKcPRj/9wrkI88/gK60glXDx1q+IeI0rf7Lw2c89Ch6ofonB0On/iRDreQuQ6te9pgQ==", - "dev": true, - "requires": { - "callsites": "^3.0.0", - "graceful-fs": "^4.2.4", - "source-map": "^0.6.0" - } - }, - "@jest/test-result": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-27.4.2.tgz", - "integrity": "sha512-kr+bCrra9jfTgxHXHa2UwoQjxvQk3Am6QbpAiJ5x/50LW8llOYrxILkqY0lZRW/hu8FXesnudbql263+EW9iNA==", - "dev": true, - "requires": { - "@jest/console": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-27.4.5.tgz", - "integrity": "sha512-n5woIn/1v+FT+9hniymHPARA9upYUmfi5Pw9ewVwXCDlK4F5/Gkees9v8vdjGdAIJ2MPHLHodiajLpZZanWzEQ==", - "dev": true, - "requires": { - "@jest/test-result": "^27.4.2", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-runtime": "^27.4.5" - } - }, - "@jest/transform": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-27.4.5.tgz", - "integrity": "sha512-PuMet2UlZtlGzwc6L+aZmR3I7CEBpqadO03pU40l2RNY2fFJ191b9/ITB44LNOhVtsyykx0OZvj0PCyuLm7Eew==", - "dev": true, - "requires": { - "@babel/core": "^7.1.0", - "@jest/types": "^27.4.2", - "babel-plugin-istanbul": "^6.0.0", - "chalk": "^4.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-regex-util": "^27.4.0", - "jest-util": "^27.4.2", - "micromatch": "^4.0.4", - "pirates": "^4.0.1", - "slash": "^3.0.0", - "source-map": "^0.6.1", - "write-file-atomic": "^3.0.0" - } - }, - "@jest/types": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-27.4.2.tgz", - "integrity": "sha512-j35yw0PMTPpZsUoOBiuHzr1zTYoad1cVIE0ajEjcrJONxxrko/IRGKkXx3os0Nsi4Hu3+5VmDbVfq5WhG/pWAg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^3.0.0", - "@types/node": "*", - "@types/yargs": "^16.0.0", - "chalk": "^4.0.0" - } - }, - "@sinonjs/commons": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz", - "integrity": "sha512-xkNcLAn/wZaX14RPlwizcKicDk9G3F8m2nU3L7Ukm5zBgTwiT0wsoFAHx9Jq56fJA1z/7uKGtCRu16sOUCLIHQ==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@sinonjs/fake-timers": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-8.1.0.tgz", - "integrity": "sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==", - "dev": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "@tootallnate/once": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-1.1.2.tgz", - "integrity": "sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw==", - "dev": true - }, - "@types/babel__core": { - "version": "7.1.18", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.18.tgz", - "integrity": "sha512-S7unDjm/C7z2A2R9NzfKCK1I+BAALDtxEmsJBwlB3EzNfb929ykjL++1CK9LO++EIp2fQrC8O+BwjKvz6UeDyQ==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.4", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", - "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", - "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.14.2", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", - "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/graceful-fs": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", - "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", - "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", - "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", - "dev": true, - "requires": { - "@types/istanbul-lib-report": "*" - } - }, - "@types/node": { - "version": "17.0.7", - "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.7.tgz", - "integrity": "sha512-1QUk+WAUD4t8iR+Oj+UgI8oJa6yyxaB8a8pHaC8uqM6RrS1qbL7bf3Pwl5rHv0psm2CuDErgho6v5N+G+5fwtQ==", - "dev": true - }, - "@types/prettier": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.2.tgz", - "integrity": "sha512-ekoj4qOQYp7CvjX8ZDBgN86w3MqQhLE1hczEJbEIjgFEumDy+na/4AJAbLXfgEWFNB2pKadM5rPFtuSGMWK7xA==", - "dev": true - }, - "@types/stack-utils": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", - "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", - "dev": true - }, - "@types/yargs": { - "version": "16.0.4", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-16.0.4.tgz", - "integrity": "sha512-T8Yc9wt/5LbJyCaLiHPReJa0kApcIgJ7Bn735GjItUfh08Z1pJvu8QZqb9s+mMvKV6WUQRV7K2R46YbjMXTTJw==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "20.2.1", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", - "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", - "dev": true - }, - "abab": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.5.tgz", - "integrity": "sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q==", - "dev": true - }, - "acorn": { - "version": "8.7.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.7.0.tgz", - "integrity": "sha512-V/LGr1APy+PXIwKebEWrkZPwoeoF+w1jiOBUmuxuiUIaOHtob8Qc9BTrYo7VuI5fR8tqsy+buA2WFooR5olqvQ==", - "dev": true - }, - "acorn-globals": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-6.0.0.tgz", - "integrity": "sha512-ZQl7LOWaF5ePqqcX4hLuv/bLXYQNfNWw2c0/yX/TsPRKamzHcTGQnlCjHT3TsmkOUVEPS3crCxiPfdzE/Trlhg==", - "dev": true, - "requires": { - "acorn": "^7.1.1", - "acorn-walk": "^7.1.1" - }, - "dependencies": { - "acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", - "dev": true - } - } - }, - "acorn-walk": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-7.2.0.tgz", - "integrity": "sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==", - "dev": true - }, - "agent-base": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", - "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", - "dev": true, - "requires": { - "debug": "4" - } - }, - "ansi-escapes": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", - "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", - "dev": true, - "requires": { - "type-fest": "^0.21.3" - } - }, - "ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true - }, - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", - "dev": true - }, - "babel-jest": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.4.5.tgz", - "integrity": "sha512-3uuUTjXbgtODmSv/DXO9nZfD52IyC2OYTFaXGRzL0kpykzroaquCrD5+lZNafTvZlnNqZHt5pb0M08qVBZnsnA==", - "dev": true, - "requires": { - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/babel__core": "^7.1.14", - "babel-plugin-istanbul": "^6.0.0", - "babel-preset-jest": "^27.4.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", - "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^5.0.4", - "test-exclude": "^6.0.0" - }, - "dependencies": { - "istanbul-lib-instrument": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.1.0.tgz", - "integrity": "sha512-czwUz525rkOFDJxfKK6mYfIs9zBKILyrZQxjz3ABhjQXhbhFsSbo1HW/BFcsDnfJYJWA6thRR5/TUY2qs5W99Q==", - "dev": true, - "requires": { - "@babel/core": "^7.12.3", - "@babel/parser": "^7.14.7", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.2.0", - "semver": "^6.3.0" - } - } - } - }, - "babel-plugin-jest-hoist": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-27.4.0.tgz", - "integrity": "sha512-Jcu7qS4OX5kTWBc45Hz7BMmgXuJqRnhatqpUhnzGC3OBYpOmf2tv6jFNwZpwM7wU7MUuv2r9IPS/ZlYOuburVw==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__core": "^7.0.0", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", - "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-import-meta": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3", - "@babel/plugin-syntax-top-level-await": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-27.4.0.tgz", - "integrity": "sha512-NK4jGYpnBvNxcGo7/ZpZJr51jCGT+3bwwpVIDY2oNfTxJJldRtB4VAcYdgp1loDE50ODuTu+yBjpMAswv5tlpg==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^27.4.0", - "babel-preset-current-node-syntax": "^1.0.0" - } - }, - "balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dev": true, - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browser-process-hrtime": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", - "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", - "dev": true - }, - "browserslist": { - "version": "4.19.1", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.19.1.tgz", - "integrity": "sha512-u2tbbG5PdKRTUoctO3NBD8FQ5HdPh1ZXPHzp1rwaa5jTc+RV9/+RlWiAIKmjRPQF+xbGM9Kklj5bZQFa2s/38A==", - "dev": true, - "requires": { - "caniuse-lite": "^1.0.30001286", - "electron-to-chromium": "^1.4.17", - "escalade": "^3.1.1", - "node-releases": "^2.0.1", - "picocolors": "^1.0.0" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer-from": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", - "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "caniuse-lite": { - "version": "1.0.30001296", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001296.tgz", - "integrity": "sha512-WfrtPEoNSoeATDlf4y3QvkwiELl9GyPLISV5GejTbbQRtQx4LhsXmc9IQ6XCL2d7UxCyEzToEZNMeqR79OUw8Q==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "char-regex": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", - "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", - "dev": true - }, - "ci-info": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", - "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", - "dev": true - }, - "cjs-module-lexer": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", - "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", - "dev": true - }, - "cliui": { - "version": "7.0.4", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", - "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0", - "wrap-ansi": "^7.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dev": true, - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true - }, - "convert-source-map": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", - "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.1" - } - }, - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "cssom": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", - "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", - "dev": true - }, - "cssstyle": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", - "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", - "dev": true, - "requires": { - "cssom": "~0.3.6" - }, - "dependencies": { - "cssom": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", - "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", - "dev": true - } - } - }, - "data-urls": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-2.0.0.tgz", - "integrity": "sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==", - "dev": true, - "requires": { - "abab": "^2.0.3", - "whatwg-mimetype": "^2.3.0", - "whatwg-url": "^8.0.0" - } - }, - "debug": { - "version": "4.3.3", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz", - "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "decimal.js": { - "version": "10.3.1", - "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.3.1.tgz", - "integrity": "sha512-V0pfhfr8suzyPGOx3nmq4aHqabehUZn6Ch9kyFpV79TGDTWFmHqUqXdabR7QHqxzrYolF4+tVmJhUG4OURg5dQ==", - "dev": true - }, - "dedent": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", - "integrity": "sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw=", - "dev": true - }, - "deep-is": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "dev": true - }, - "deepmerge": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", - "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", - "dev": true - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", - "dev": true - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-27.4.0.tgz", - "integrity": "sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==", - "dev": true - }, - "domexception": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/domexception/-/domexception-2.0.1.tgz", - "integrity": "sha512-yxJ2mFy/sibVQlu5qHjOkf9J3K6zgmCxgJ94u2EdvDOV09H+32LtRswEcUsmUWN72pVLOEnTSRaIVVzVQgS0dg==", - "dev": true, - "requires": { - "webidl-conversions": "^5.0.0" - }, - "dependencies": { - "webidl-conversions": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-5.0.0.tgz", - "integrity": "sha512-VlZwKPCkYKxQgeSbH5EyngOmRp7Ww7I9rQLERETtf5ofd9pGeswWiOtogpEO850jziPRarreGxn5QIiTqpb2wA==", - "dev": true - } - } - }, - "electron-to-chromium": { - "version": "1.4.33", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.33.tgz", - "integrity": "sha512-OVK1Ad3pHnmuXPhEfq85X8vUKr1UPNHryBnbKnyLcAfh8dPwoFjoDhDlP5KpPJIiymvSucZs48UBrE1250IxOw==", - "dev": true + "node_modules/jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true, + "bin": { + "jsesc": "bin/jsesc" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/json5": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.0.tgz", + "integrity": "sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA==", + "dev": true, + "dependencies": { + "minimist": "^1.2.5" + }, + "bin": { + "json5": "lib/cli.js" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "dependencies": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "dependencies": { + "p-locate": "^4.1.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", + "dev": true + }, + "node_modules/lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "dependencies": { + "semver": "^6.0.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/makeerror": { + "version": "1.0.12", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, + "dependencies": { + "tmpl": "1.0.5" + } + }, + "node_modules/merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "node_modules/micromatch": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", + "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", + "dev": true, + "dependencies": { + "braces": "^3.0.1", + "picomatch": "^2.2.3" + }, + "engines": { + "node": ">=8.6" + } + }, + "node_modules/mime-db": { + "version": "1.51.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.51.0.tgz", + "integrity": "sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g==", + "dev": true, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mime-types": { + "version": "2.1.34", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.34.tgz", + "integrity": "sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A==", + "dev": true, + "dependencies": { + "mime-db": "1.51.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "dependencies": { + "brace-expansion": "^1.1.7" + }, + "engines": { + "node": "*" + } + }, + "node_modules/minimist": { + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", + "dev": true + }, + "node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "node_modules/natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "node_modules/node-fetch": { + "version": "2.6.7", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", + "dependencies": { + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } + } + }, + "node_modules/node-fetch/node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=" + }, + "node_modules/node-fetch/node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=" + }, + "node_modules/node-fetch/node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, + "node_modules/node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node_modules/node-releases": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.1.tgz", + "integrity": "sha512-CqyzN6z7Q6aMeF/ktcMVTzhAHCEpf8SOarwpzpf8pNBY2k5/oM34UHldUwp8VKI7uxct2HxSRdJjBaZeESzcxA==", + "dev": true + }, + "node_modules/normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "dependencies": { + "path-key": "^3.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "dependencies": { + "wrappy": "1" + } + }, + "node_modules/onetime": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, + "dependencies": { + "mimic-fn": "^2.1.0" + }, + "engines": { + "node": ">=6" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "dependencies": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "dependencies": { + "p-try": "^2.0.0" + }, + "engines": { + "node": ">=6" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "dependencies": { + "p-limit": "^2.2.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/parse5": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", + "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==", + "dev": true + }, + "node_modules/path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/path-parse": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", + "dev": true + }, + "node_modules/picocolors": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", + "dev": true + }, + "node_modules/picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true, + "engines": { + "node": ">=8.6" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" + } + }, + "node_modules/pirates": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.4.tgz", + "integrity": "sha512-ZIrVPH+A52Dw84R0L3/VS9Op04PuQ2SEoJL6bkshmiTic/HldyW9Tf7oH5mhJZBK7NmDx27vSMrYEXPXclpDKw==", + "dev": true, + "engines": { + "node": ">= 6" + } + }, + "node_modules/pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "dependencies": { + "find-up": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/pretty-format": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-27.4.2.tgz", + "integrity": "sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==", + "dev": true, + "dependencies": { + "@jest/types": "^27.4.2", + "ansi-regex": "^5.0.1", + "ansi-styles": "^5.0.0", + "react-is": "^17.0.1" + }, + "engines": { + "node": "^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0" + } + }, + "node_modules/pretty-format/node_modules/ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/prompts": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, + "dependencies": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.5" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "node_modules/punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/react-is": { + "version": "17.0.2", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz", + "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==", + "dev": true + }, + "node_modules/require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/resolve": { + "version": "1.21.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.21.0.tgz", + "integrity": "sha512-3wCbTpk5WJlyE4mSOtDLhqQmGFi0/TD9VPwmiolnk8U0wRgMEktqCXd3vy5buTO3tljvalNvKrjHEfrd2WpEKA==", + "dev": true, + "dependencies": { + "is-core-module": "^2.8.0", + "path-parse": "^1.0.7", + "supports-preserve-symlinks-flag": "^1.0.0" + }, + "bin": { + "resolve": "bin/resolve" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "dependencies": { + "resolve-from": "^5.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/resolve.exports": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.0.tgz", + "integrity": "sha512-J1l+Zxxp4XK3LUDZ9m60LRJF/mAe4z6a4xyabPHk7pvK5t35dACV32iIjJDFeWZFfZlO29w6SZ67knR0tHzJtQ==", + "dev": true, + "engines": { + "node": ">=10" + } + }, + "node_modules/rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "dependencies": { + "glob": "^7.1.3" + }, + "bin": { + "rimraf": "bin.js" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + }, + "node_modules/safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "node_modules/saxes": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-5.0.1.tgz", + "integrity": "sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw==", + "dev": true, + "dependencies": { + "xmlchars": "^2.2.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true, + "bin": { + "semver": "bin/semver.js" + } + }, + "node_modules/shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "dependencies": { + "shebang-regex": "^3.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/signal-exit": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", + "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==", + "dev": true + }, + "node_modules/sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "node_modules/slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/source-map-support": { + "version": "0.5.21", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", + "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==", + "dev": true, + "dependencies": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "node_modules/sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "node_modules/stack-utils": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.5.tgz", + "integrity": "sha512-xrQcmYhOsn/1kX+Vraq+7j4oE2j/6BFscZ0etmYg81xuM8Gq0022Pxb8+IqgOFUIaxHs0KaSb7T1+OegiNrNFA==", + "dev": true, + "dependencies": { + "escape-string-regexp": "^2.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/string-length": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, + "dependencies": { + "char-regex": "^1.0.2", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true, + "engines": { + "node": ">=6" + } + }, + "node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, + "dependencies": { + "has-flag": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/supports-hyperlinks": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.2.0.tgz", + "integrity": "sha512-6sXEzV5+I5j8Bmq9/vUphGRM/RJNT9SCURJLjwfOg51heRtguGWDzcaBlgAzKhQa0EVNpPEKzQuBwZ8S8WaCeQ==", + "dev": true, + "dependencies": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/supports-preserve-symlinks-flag": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "node_modules/terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "dependencies": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "dependencies": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/throat": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.1.tgz", + "integrity": "sha512-8hmiGIJMDlwjg7dlJ4yKGLK8EsYqKgPWbG3b4wjJddKNwc7N7Dpn08Df4szr/sZdMVeOstrdYSsqzX6BYbcB+w==", + "dev": true + }, + "node_modules/tmpl": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true + }, + "node_modules/to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true, + "engines": { + "node": ">=4" + } + }, + "node_modules/to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "dependencies": { + "is-number": "^7.0.0" + }, + "engines": { + "node": ">=8.0" + } + }, + "node_modules/tough-cookie": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.0.0.tgz", + "integrity": "sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg==", + "dev": true, + "dependencies": { + "psl": "^1.1.33", + "punycode": "^2.1.1", + "universalify": "^0.1.2" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/tr46": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-2.1.0.tgz", + "integrity": "sha512-15Ih7phfcdP5YxqiB+iDtLoaTz4Nd35+IiAv0kQ5FNKHzXgdWqPoTIqEDDJmXceQt4JZk6lVPT8lnDlPpGDppw==", + "dev": true, + "dependencies": { + "punycode": "^2.1.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "dependencies": { + "prelude-ls": "~1.1.2" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true, + "engines": { + "node": ">=4" + } + }, + "node_modules/type-fest": { + "version": "0.21.3", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "dependencies": { + "is-typedarray": "^1.0.0" + } + }, + "node_modules/universalify": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==", + "dev": true, + "engines": { + "node": ">= 4.0.0" + } + }, + "node_modules/v8-to-istanbul": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-8.1.0.tgz", + "integrity": "sha512-/PRhfd8aTNp9Ggr62HPzXg2XasNFGy5PBt0Rp04du7/8GNNSgxFL6WBTkgMKSL9bFjH+8kKEG3f37FmxiTqUUA==", + "dev": true, + "dependencies": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "engines": { + "node": ">=10.12.0" + } + }, + "node_modules/v8-to-istanbul/node_modules/source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true, + "engines": { + "node": ">= 8" + } + }, + "node_modules/w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "dependencies": { + "browser-process-hrtime": "^1.0.0" + } + }, + "node_modules/w3c-xmlserializer": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz", + "integrity": "sha512-4tzD0mF8iSiMiNs30BiLO3EpfGLZUT2MSX/G+o7ZywDzliWQ3OPtTZ0PTC3B3ca1UAf4cJMHB+2Bf56EriJuRA==", + "dev": true, + "dependencies": { + "xml-name-validator": "^3.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/walker": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, + "dependencies": { + "makeerror": "1.0.12" + } + }, + "node_modules/webidl-conversions": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-6.1.0.tgz", + "integrity": "sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==", + "dev": true, + "engines": { + "node": ">=10.4" + } + }, + "node_modules/whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "dependencies": { + "iconv-lite": "0.4.24" + } + }, + "node_modules/whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "node_modules/whatwg-url": { + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-8.7.0.tgz", + "integrity": "sha512-gAojqb/m9Q8a5IV96E3fHJM70AzCkgt4uXYX2O7EmuyOnLrViCQlsEBmF9UQIu3/aeAIp2U17rtbpZWNntQqdg==", + "dev": true, + "dependencies": { + "lodash": "^4.7.0", + "tr46": "^2.1.0", + "webidl-conversions": "^6.1.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "dependencies": { + "isexe": "^2.0.0" + }, + "bin": { + "node-which": "bin/node-which" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/wrap-ansi": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, + "dependencies": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + } + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "node_modules/write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "dependencies": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "node_modules/ws": { + "version": "7.5.6", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.6.tgz", + "integrity": "sha512-6GLgCqo2cy2A2rjCNFlxQS6ZljG/coZfZXclldI8FB/1G3CCI36Zd8xy2HrFVACi8tfk5XrgLQEk+P0Tnz9UcA==", + "dev": true, + "engines": { + "node": ">=8.3.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": "^5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, + "node_modules/xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "node_modules/xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "node_modules/y18n": { + "version": "5.0.8", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true, + "engines": { + "node": ">=10" + } + }, + "node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "dev": true + }, + "node_modules/yargs": { + "version": "16.2.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", + "dev": true, + "dependencies": { + "cliui": "^7.0.2", + "escalade": "^3.1.1", + "get-caller-file": "^2.0.5", + "require-directory": "^2.1.1", + "string-width": "^4.2.0", + "y18n": "^5.0.5", + "yargs-parser": "^20.2.2" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/yargs-parser": { + "version": "20.2.9", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", + "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", + "dev": true, + "engines": { + "node": ">=10" + } + } + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz", + "integrity": "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==", + "dev": true, + "requires": { + "@babel/highlight": "^7.16.7" + } + }, + "@babel/compat-data": { + "version": "7.16.4", + "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.16.4.tgz", + "integrity": "sha512-1o/jo7D+kC9ZjHX5v+EHrdjl3PhxMrLSOTGsOdHJ+KL8HCaEK6ehrVL2RS6oHDZp+L7xLirLrPmQtEng769J/Q==", + "dev": true + }, + "@babel/core": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.16.7.tgz", + "integrity": "sha512-aeLaqcqThRNZYmbMqtulsetOQZ/5gbR/dWruUCJcpas4Qoyy+QeagfDsPdMrqwsPRDNxJvBlRiZxxX7THO7qtA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.16.7", + "@babel/generator": "^7.16.7", + "@babel/helper-compilation-targets": "^7.16.7", + "@babel/helper-module-transforms": "^7.16.7", + "@babel/helpers": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.2", + "json5": "^2.1.2", + "semver": "^6.3.0", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/generator": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.16.7.tgz", + "integrity": "sha512-/ST3Sg8MLGY5HVYmrjOgL60ENux/HfO/CsUh7y4MalThufhE/Ff/6EibFDHi4jiDCaWfJKoqbE6oTh21c5hrRg==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7", + "jsesc": "^2.5.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-compilation-targets": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.16.7.tgz", + "integrity": "sha512-mGojBwIWcwGD6rfqgRXVlVYmPAv7eOpIemUG3dGnDdCY4Pae70ROij3XmfrH6Fa1h1aiDylpglbZyktfzyo/hA==", + "dev": true, + "requires": { + "@babel/compat-data": "^7.16.4", + "@babel/helper-validator-option": "^7.16.7", + "browserslist": "^4.17.5", + "semver": "^6.3.0" + } + }, + "@babel/helper-environment-visitor": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz", + "integrity": "sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-function-name": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz", + "integrity": "sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz", + "integrity": "sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-hoist-variables": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz", + "integrity": "sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-module-imports": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz", + "integrity": "sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-module-transforms": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.16.7.tgz", + "integrity": "sha512-gaqtLDxJEFCeQbYp9aLAefjhkKdjKcdh6DB7jniIGU3Pz52WAmP268zK0VgPz9hUNkMSYeH976K2/Y6yPadpng==", + "dev": true, + "requires": { + "@babel/helper-environment-visitor": "^7.16.7", + "@babel/helper-module-imports": "^7.16.7", + "@babel/helper-simple-access": "^7.16.7", + "@babel/helper-split-export-declaration": "^7.16.7", + "@babel/helper-validator-identifier": "^7.16.7", + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.16.7.tgz", + "integrity": "sha512-Qg3Nk7ZxpgMrsox6HreY1ZNKdBq7K72tDSliA6dCl5f007jR4ne8iD5UzuNnCJH2xBf2BEEVGr+/OL6Gdp7RxA==", + "dev": true + }, + "@babel/helper-simple-access": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.16.7.tgz", + "integrity": "sha512-ZIzHVyoeLMvXMN/vok/a4LWRy8G2v205mNP0XOuf9XRLyX5/u9CnVulUtDgUTama3lT+bf/UqucuZjqiGuTS1g==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz", + "integrity": "sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw==", + "dev": true, + "requires": { + "@babel/types": "^7.16.7" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz", + "integrity": "sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw==", + "dev": true + }, + "@babel/helper-validator-option": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.16.7.tgz", + "integrity": "sha512-TRtenOuRUVo9oIQGPC5G9DgK4743cdxvtOw0weQNpZXaS16SCBi5MNjZF8vba3ETURjZpTbVn7Vvcf2eAwFozQ==", + "dev": true + }, + "@babel/helpers": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.16.7.tgz", + "integrity": "sha512-9ZDoqtfY7AuEOt3cxchfii6C7GDyyMBffktR5B2jvWv8u2+efwvpnVKXMWzNehqy68tKgAfSwfdw/lWpthS2bw==", + "dev": true, + "requires": { + "@babel/template": "^7.16.7", + "@babel/traverse": "^7.16.7", + "@babel/types": "^7.16.7" + } + }, + "@babel/highlight": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.7.tgz", + "integrity": "sha512-aKpPMfLvGO3Q97V0qhw/V2SWNWlwfJknuwAunU7wZLSfrM4xTBvg7E5opUVi1kJTBKihE38CPg4nBiqX83PWYw==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.16.7", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } }, - "emittery": { - "version": "0.8.1", - "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.8.1.tgz", - "integrity": "sha512-uDfvUjVrfGJJhymx/kz6prltenw1u7WrCg1oa94zYY8xxVpLLUu045LAT0dhDZdXG58/EpPL/5kA180fQ/qudg==", - "dev": true + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } }, - "escalade": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", - "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", - "dev": true + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true }, "escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "dev": true - }, - "escodegen": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.0.0.tgz", - "integrity": "sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw==", - "dev": true, - "requires": { - "esprima": "^4.0.1", - "estraverse": "^5.2.0", - "esutils": "^2.0.2", - "optionator": "^0.8.1", - "source-map": "~0.6.1" - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true - }, - "estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "dev": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true - }, - "execa": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", - "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.3", - "get-stream": "^6.0.0", - "human-signals": "^2.1.0", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.1", - "onetime": "^5.1.2", - "signal-exit": "^3.0.3", - "strip-final-newline": "^2.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", - "dev": true - }, - "expect": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/expect/-/expect-27.4.2.tgz", - "integrity": "sha512-BjAXIDC6ZOW+WBFNg96J22D27Nq5ohn+oGcuP2rtOtcjuxNoV9McpQ60PcQWhdFOSBIQdR72e+4HdnbZTFSTyg==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "ansi-styles": "^5.0.0", - "jest-get-type": "^27.4.0", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-regex-util": "^27.4.0" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", - "dev": true - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true - }, - "fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "form-data": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", - "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", - "dev": true, - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true - }, - "fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "optional": true - }, - "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true - }, - "gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", - "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", - "dev": true - }, - "glob": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", - "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", - "dev": true, - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "graceful-fs": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.8.tgz", - "integrity": "sha512-qkIilPUYcNhJpd33n0GBXTB1MMPp14TxEsEs0pTrsSVucApsYzW5V+Q8Qxhik6KU3evy+qkAAowTByymK0avdg==", - "dev": true - }, - "has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, - "requires": { - "function-bind": "^1.1.1" - } + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true }, "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "html-encoding-sniffer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz", - "integrity": "sha512-D5JbOMBIR/TVZkubHT+OyT2705QvogUW4IBn6nHd756OwieSF9aDYFj4dv6HHEVGYbHaLETa3WggZYWWMyy3ZQ==", - "dev": true, - "requires": { - "whatwg-encoding": "^1.0.5" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-proxy-agent": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz", - "integrity": "sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==", - "dev": true, - "requires": { - "@tootallnate/once": "1", - "agent-base": "6", - "debug": "4" - } - }, - "https-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", - "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", - "dev": true, - "requires": { - "agent-base": "6", - "debug": "4" - } - }, - "human-signals": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", - "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", - "dev": true - }, - "iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", - "dev": true, - "requires": { - "safer-buffer": ">= 2.1.2 < 3" - } - }, - "import-local": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz", - "integrity": "sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "dev": true - }, - "is-core-module": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", - "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", - "dev": true, - "requires": { - "has": "^1.0.3" - } - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-potential-custom-element-name": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz", - "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==", - "dev": true - }, - "is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", - "dev": true - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", - "dev": true - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", - "dev": true - }, - "istanbul-lib-coverage": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", - "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", - "dev": true + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.16.7.tgz", + "integrity": "sha512-sR4eaSrnM7BV7QPzGfEX5paG/6wrZM3I0HDzfIAK06ESvo9oy3xBuVBxE3MbQaKNhvg8g/ixjMWo2CGpzpHsDA==", + "dev": true + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.12.13", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "integrity": "sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.12.13" + } + }, + "@babel/plugin-syntax-import-meta": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "integrity": "sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-top-level-await": { + "version": "7.14.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "integrity": "sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.14.5" + } + }, + "@babel/plugin-syntax-typescript": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.16.7.tgz", + "integrity": "sha512-YhUIJHHGkqPgEcMYkPCKTyGUdoGKWtopIycQyjJH8OjvRgOYsXsaKehLVPScKJWAULPxMa4N1vCe6szREFlZ7A==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.16.7" + } + }, + "@babel/template": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz", + "integrity": "sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/types": "^7.16.7" + } + }, + "@babel/traverse": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.7.tgz", + "integrity": "sha512-8KWJPIb8c2VvY8AJrydh6+fVRo2ODx1wYBU2398xJVq0JomuLBZmVQzLPBblJgHIGYG4znCpUZUZ0Pt2vdmVYQ==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.16.7", + "@babel/generator": "^7.16.7", + "@babel/helper-environment-visitor": "^7.16.7", + "@babel/helper-function-name": "^7.16.7", + "@babel/helper-hoist-variables": "^7.16.7", + "@babel/helper-split-export-declaration": "^7.16.7", + "@babel/parser": "^7.16.7", + "@babel/types": "^7.16.7", + "debug": "^4.1.0", + "globals": "^11.1.0" + } + }, + "@babel/types": { + "version": "7.16.7", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.16.7.tgz", + "integrity": "sha512-E8HuV7FO9qLpx6OtoGfUQ2cjIYnbFwvZWYBS+87EwtdMvmUPJSwykpovFB+8insbpF0uJcpr8KMUi64XZntZcg==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.16.7", + "to-fast-properties": "^2.0.0" + } + }, + "@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "requires": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + } + }, + "@istanbuljs/schema": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", + "dev": true + }, + "@jest/console": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-27.4.2.tgz", + "integrity": "sha512-xknHThRsPB/To1FUbi6pCe43y58qFC03zfb6R7fDb/FfC7k2R3i1l+izRBJf8DI46KhYGRaF14Eo9A3qbBoixg==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "jest-message-util": "^27.4.2", + "jest-util": "^27.4.2", + "slash": "^3.0.0" + } + }, + "@jest/core": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-27.4.5.tgz", + "integrity": "sha512-3tm/Pevmi8bDsgvo73nX8p/WPng6KWlCyScW10FPEoN1HU4pwI83tJ3TsFvi1FfzsjwUlMNEPowgb/rPau/LTQ==", + "dev": true, + "requires": { + "@jest/console": "^27.4.2", + "@jest/reporters": "^27.4.5", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "ansi-escapes": "^4.2.1", + "chalk": "^4.0.0", + "emittery": "^0.8.1", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^27.4.2", + "jest-config": "^27.4.5", + "jest-haste-map": "^27.4.5", + "jest-message-util": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-resolve-dependencies": "^27.4.5", + "jest-runner": "^27.4.5", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "jest-watcher": "^27.4.2", + "micromatch": "^4.0.4", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "@jest/environment": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-27.4.4.tgz", + "integrity": "sha512-q+niMx7cJgt/t/b6dzLOh4W8Ef/8VyKG7hxASK39jakijJzbFBGpptx3RXz13FFV7OishQ9lTbv+dQ5K3EhfDQ==", + "dev": true, + "requires": { + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2" + } + }, + "@jest/fake-timers": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-27.4.2.tgz", + "integrity": "sha512-f/Xpzn5YQk5adtqBgvw1V6bF8Nx3hY0OIRRpCvWcfPl0EAjdqWPdhH3t/3XpiWZqtjIEHDyMKP9ajpva1l4Zmg==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "@sinonjs/fake-timers": "^8.0.1", + "@types/node": "*", + "jest-message-util": "^27.4.2", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2" + } + }, + "@jest/globals": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-27.4.4.tgz", + "integrity": "sha512-bqpqQhW30BOreXM8bA8t8JbOQzsq/WnPTnBl+It3UxAD9J8yxEAaBEylHx1dtBapAr/UBk8GidXbzmqnee8tYQ==", + "dev": true, + "requires": { + "@jest/environment": "^27.4.4", + "@jest/types": "^27.4.2", + "expect": "^27.4.2" + } + }, + "@jest/reporters": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-27.4.5.tgz", + "integrity": "sha512-3orsG4vi8zXuBqEoy2LbnC1kuvkg1KQUgqNxmxpQgIOQEPeV0onvZu+qDQnEoX8qTQErtqn/xzcnbpeTuOLSiA==", + "dev": true, + "requires": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^27.4.2", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.3", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^27.4.5", + "jest-resolve": "^27.4.5", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^4.0.1", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^8.1.0" + } + }, + "@jest/source-map": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-27.4.0.tgz", + "integrity": "sha512-Ntjx9jzP26Bvhbm93z/AKcPRj/9wrkI88/gK60glXDx1q+IeI0rf7Lw2c89Ch6ofonB0On/iRDreQuQ6te9pgQ==", + "dev": true, + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + } + }, + "@jest/test-result": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-27.4.2.tgz", + "integrity": "sha512-kr+bCrra9jfTgxHXHa2UwoQjxvQk3Am6QbpAiJ5x/50LW8llOYrxILkqY0lZRW/hu8FXesnudbql263+EW9iNA==", + "dev": true, + "requires": { + "@jest/console": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + } + }, + "@jest/test-sequencer": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-27.4.5.tgz", + "integrity": "sha512-n5woIn/1v+FT+9hniymHPARA9upYUmfi5Pw9ewVwXCDlK4F5/Gkees9v8vdjGdAIJ2MPHLHodiajLpZZanWzEQ==", + "dev": true, + "requires": { + "@jest/test-result": "^27.4.2", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-runtime": "^27.4.5" + } + }, + "@jest/transform": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-27.4.5.tgz", + "integrity": "sha512-PuMet2UlZtlGzwc6L+aZmR3I7CEBpqadO03pU40l2RNY2fFJ191b9/ITB44LNOhVtsyykx0OZvj0PCyuLm7Eew==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^27.4.2", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^4.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-regex-util": "^27.4.0", + "jest-util": "^27.4.2", + "micromatch": "^4.0.4", + "pirates": "^4.0.1", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + } + }, + "@jest/types": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-27.4.2.tgz", + "integrity": "sha512-j35yw0PMTPpZsUoOBiuHzr1zTYoad1cVIE0ajEjcrJONxxrko/IRGKkXx3os0Nsi4Hu3+5VmDbVfq5WhG/pWAg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^3.0.0", + "@types/node": "*", + "@types/yargs": "^16.0.0", + "chalk": "^4.0.0" + } + }, + "@sinonjs/commons": { + "version": "1.8.3", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz", + "integrity": "sha512-xkNcLAn/wZaX14RPlwizcKicDk9G3F8m2nU3L7Ukm5zBgTwiT0wsoFAHx9Jq56fJA1z/7uKGtCRu16sOUCLIHQ==", + "dev": true, + "requires": { + "type-detect": "4.0.8" + } + }, + "@sinonjs/fake-timers": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-8.1.0.tgz", + "integrity": "sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + }, + "@tootallnate/once": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-1.1.2.tgz", + "integrity": "sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw==", + "dev": true + }, + "@types/babel__core": { + "version": "7.1.18", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.18.tgz", + "integrity": "sha512-S7unDjm/C7z2A2R9NzfKCK1I+BAALDtxEmsJBwlB3EzNfb929ykjL++1CK9LO++EIp2fQrC8O+BwjKvz6UeDyQ==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.4", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz", + "integrity": "sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz", + "integrity": "sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.14.2", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.14.2.tgz", + "integrity": "sha512-K2waXdXBi2302XUdcHcR1jCeU0LL4TD9HRs/gk0N2Xvrht+G/BfJa4QObBQZfhMdxiCpV3COl5Nfq4uKTeTnJA==", + "dev": true, + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/graceful-fs": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.5.tgz", + "integrity": "sha512-anKkLmZZ+xm4p8JWBf4hElkM4XR+EZeA2M9BAkkTldmcyDY4mbdIJnRghDJH3Ov5ooY7/UAoENtmdMSkaAd7Cw==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz", + "integrity": "sha512-z/QT1XN4K4KYuslS23k62yDIDLwLFkzxOuMplDtObz0+y7VqJCaO2o+SPwHCvLFZh7xazvvoor2tA/hPz9ee7g==", + "dev": true + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.1.tgz", + "integrity": "sha512-c3mAZEuK0lvBp8tmuL74XRKn1+y2dcwOUpH7x4WrF6gk1GIgiluDRgMYQtw2OFcBvAJWlt6ASU3tSqxp0Uu0Aw==", + "dev": true, + "requires": { + "@types/istanbul-lib-report": "*" + } + }, + "@types/node": { + "version": "17.0.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.7.tgz", + "integrity": "sha512-1QUk+WAUD4t8iR+Oj+UgI8oJa6yyxaB8a8pHaC8uqM6RrS1qbL7bf3Pwl5rHv0psm2CuDErgho6v5N+G+5fwtQ==", + "dev": true + }, + "@types/prettier": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.2.tgz", + "integrity": "sha512-ekoj4qOQYp7CvjX8ZDBgN86w3MqQhLE1hczEJbEIjgFEumDy+na/4AJAbLXfgEWFNB2pKadM5rPFtuSGMWK7xA==", + "dev": true + }, + "@types/stack-utils": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz", + "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==", + "dev": true + }, + "@types/yargs": { + "version": "16.0.4", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-16.0.4.tgz", + "integrity": "sha512-T8Yc9wt/5LbJyCaLiHPReJa0kApcIgJ7Bn735GjItUfh08Z1pJvu8QZqb9s+mMvKV6WUQRV7K2R46YbjMXTTJw==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "20.2.1", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-20.2.1.tgz", + "integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw==", + "dev": true + }, + "abab": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.5.tgz", + "integrity": "sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q==", + "dev": true + }, + "acorn": { + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.7.0.tgz", + "integrity": "sha512-V/LGr1APy+PXIwKebEWrkZPwoeoF+w1jiOBUmuxuiUIaOHtob8Qc9BTrYo7VuI5fR8tqsy+buA2WFooR5olqvQ==", + "dev": true + }, + "acorn-globals": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-6.0.0.tgz", + "integrity": "sha512-ZQl7LOWaF5ePqqcX4hLuv/bLXYQNfNWw2c0/yX/TsPRKamzHcTGQnlCjHT3TsmkOUVEPS3crCxiPfdzE/Trlhg==", + "dev": true, + "requires": { + "acorn": "^7.1.1", + "acorn-walk": "^7.1.1" + }, + "dependencies": { + "acorn": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "dev": true + } + } + }, + "acorn-walk": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-7.2.0.tgz", + "integrity": "sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==", + "dev": true + }, + "agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dev": true, + "requires": { + "debug": "4" + } + }, + "ansi-escapes": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", + "dev": true, + "requires": { + "type-fest": "^0.21.3" + } + }, + "ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true + }, + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "requires": { + "color-convert": "^2.0.1" + } + }, + "anymatch": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", + "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "babel-jest": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.4.5.tgz", + "integrity": "sha512-3uuUTjXbgtODmSv/DXO9nZfD52IyC2OYTFaXGRzL0kpykzroaquCrD5+lZNafTvZlnNqZHt5pb0M08qVBZnsnA==", + "dev": true, + "requires": { + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/babel__core": "^7.1.14", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^27.4.0", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + } + }, + "babel-plugin-istanbul": { + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "integrity": "sha512-Y1IQok9821cC9onCx5otgFfRm7Lm+I+wwxOx738M/WLPZ9Q42m4IG5W0FNX8WLL2gYMZo3JkuXIH2DOpWM+qwA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^5.0.4", + "test-exclude": "^6.0.0" + }, + "dependencies": { "istanbul-lib-instrument": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", - "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", - "dev": true, - "requires": { - "@babel/core": "^7.7.5", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.0.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", - "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.3.tgz", - "integrity": "sha512-x9LtDVtfm/t1GFiLl3NffC7hz+I1ragvgX1P/Lg1NlIagifZDKUkuuaAxH/qpwj2IuEfD8G2Bs/UKp+sZ/pKkg==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "jest": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest/-/jest-27.4.5.tgz", - "integrity": "sha512-uT5MiVN3Jppt314kidCk47MYIRilJjA/l2mxwiuzzxGUeJIvA8/pDaJOAX5KWvjAo7SCydcW0/4WEtgbLMiJkg==", - "dev": true, - "requires": { - "@jest/core": "^27.4.5", - "import-local": "^3.0.2", - "jest-cli": "^27.4.5" - } - }, - "jest-changed-files": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-27.4.2.tgz", - "integrity": "sha512-/9x8MjekuzUQoPjDHbBiXbNEBauhrPU2ct7m8TfCg69ywt1y/N+yYwGh3gCpnqUS3klYWDU/lSNgv+JhoD2k1A==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "execa": "^5.0.0", - "throat": "^6.0.1" - } - }, - "jest-circus": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-27.4.5.tgz", - "integrity": "sha512-eTNWa9wsvBwPykhMMShheafbwyakcdHZaEYh5iRrQ0PFJxkDP/e3U/FvzGuKWu2WpwUA3C3hPlfpuzvOdTVqnw==", - "dev": true, - "requires": { - "@jest/environment": "^27.4.4", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "dedent": "^0.7.0", - "expect": "^27.4.2", - "is-generator-fn": "^2.0.0", - "jest-each": "^27.4.2", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2", - "slash": "^3.0.0", - "stack-utils": "^2.0.3", - "throat": "^6.0.1" - } - }, - "jest-cli": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-27.4.5.tgz", - "integrity": "sha512-hrky3DSgE0u7sQxaCL7bdebEPHx5QzYmrGuUjaPLmPE8jx5adtvGuOlRspvMoVLTTDOHRnZDoRLYJuA+VCI7Hg==", - "dev": true, - "requires": { - "@jest/core": "^27.4.5", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "import-local": "^3.0.2", - "jest-config": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "prompts": "^2.0.1", - "yargs": "^16.2.0" - } - }, - "jest-config": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-27.4.5.tgz", - "integrity": "sha512-t+STVJtPt+fpqQ8GBw850NtSQbnDOw/UzdPfzDaHQ48/AylQlW7LHj3dH+ndxhC1UxJ0Q3qkq7IH+nM1skwTwA==", - "dev": true, - "requires": { - "@babel/core": "^7.1.0", - "@jest/test-sequencer": "^27.4.5", - "@jest/types": "^27.4.2", - "babel-jest": "^27.4.5", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.1", - "graceful-fs": "^4.2.4", - "jest-circus": "^27.4.5", - "jest-environment-jsdom": "^27.4.4", - "jest-environment-node": "^27.4.4", - "jest-get-type": "^27.4.0", - "jest-jasmine2": "^27.4.5", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-runner": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "micromatch": "^4.0.4", - "pretty-format": "^27.4.2", - "slash": "^3.0.0" - } - }, - "jest-diff": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-27.4.2.tgz", - "integrity": "sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "diff-sequences": "^27.4.0", - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - } - }, - "jest-docblock": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-27.4.0.tgz", - "integrity": "sha512-7TBazUdCKGV7svZ+gh7C8esAnweJoG+SvcF6Cjqj4l17zA2q1cMwx2JObSioubk317H+cjcHgP+7fTs60paulg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-27.4.2.tgz", - "integrity": "sha512-53V2MNyW28CTruB3lXaHNk6PkiIFuzdOC9gR3C6j8YE/ACfrPnz+slB0s17AgU1TtxNzLuHyvNlLJ+8QYw9nBg==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "jest-get-type": "^27.4.0", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2" - } - }, - "jest-environment-jsdom": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-27.4.4.tgz", - "integrity": "sha512-cYR3ndNfHBqQgFvS1RL7dNqSvD//K56j/q1s2ygNHcfTCAp12zfIromO1w3COmXrxS8hWAh7+CmZmGCIoqGcGA==", - "dev": true, - "requires": { - "@jest/environment": "^27.4.4", - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2", - "jsdom": "^16.6.0" - } - }, - "jest-environment-node": { - "version": "27.4.4", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-27.4.4.tgz", - "integrity": "sha512-D+v3lbJ2GjQTQR23TK0kY3vFVmSeea05giInI41HHOaJnAwOnmUHTZgUaZL+VxUB43pIzoa7PMwWtCVlIUoVoA==", - "dev": true, - "requires": { - "@jest/environment": "^27.4.4", - "@jest/fake-timers": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "jest-mock": "^27.4.2", - "jest-util": "^27.4.2" - } - }, - "jest-get-type": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-27.4.0.tgz", - "integrity": "sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==", - "dev": true - }, - "jest-haste-map": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-27.4.5.tgz", - "integrity": "sha512-oJm1b5qhhPs78K24EDGifWS0dELYxnoBiDhatT/FThgB9yxqUm5F6li3Pv+Q+apMBmmPNzOBnZ7ZxWMB1Leq1Q==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "@types/graceful-fs": "^4.1.2", - "@types/node": "*", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.3.2", - "graceful-fs": "^4.2.4", - "jest-regex-util": "^27.4.0", - "jest-serializer": "^27.4.0", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "micromatch": "^4.0.4", - "walker": "^1.0.7" - } - }, - "jest-jasmine2": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-27.4.5.tgz", - "integrity": "sha512-oUnvwhJDj2LhOiUB1kdnJjkx8C5PwgUZQb9urF77mELH9DGR4e2GqpWQKBOYXWs5+uTN9BGDqRz3Aeg5Wts7aw==", - "dev": true, - "requires": { - "@babel/traverse": "^7.1.0", - "@jest/environment": "^27.4.4", - "@jest/source-map": "^27.4.0", - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "co": "^4.6.0", - "expect": "^27.4.2", - "is-generator-fn": "^2.0.0", - "jest-each": "^27.4.2", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-runtime": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "pretty-format": "^27.4.2", - "throat": "^6.0.1" - } - }, - "jest-leak-detector": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-27.4.2.tgz", - "integrity": "sha512-ml0KvFYZllzPBJWDei3mDzUhyp/M4ubKebX++fPaudpe8OsxUE+m+P6ciVLboQsrzOCWDjE20/eXew9QMx/VGw==", - "dev": true, - "requires": { - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - } - }, - "jest-matcher-utils": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-27.4.2.tgz", - "integrity": "sha512-jyP28er3RRtMv+fmYC/PKG8wvAmfGcSNproVTW2Y0P/OY7/hWUOmsPfxN1jOhM+0u2xU984u2yEagGivz9OBGQ==", - "dev": true, - "requires": { - "chalk": "^4.0.0", - "jest-diff": "^27.4.2", - "jest-get-type": "^27.4.0", - "pretty-format": "^27.4.2" - } - }, - "jest-message-util": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-27.4.2.tgz", - "integrity": "sha512-OMRqRNd9E0DkBLZpFtZkAGYOXl6ZpoMtQJWTAREJKDOFa0M6ptB7L67tp+cszMBkvSgKOhNtQp2Vbcz3ZZKo/w==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.12.13", - "@jest/types": "^27.4.2", - "@types/stack-utils": "^2.0.0", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "micromatch": "^4.0.4", - "pretty-format": "^27.4.2", - "slash": "^3.0.0", - "stack-utils": "^2.0.3" - } - }, - "jest-mock": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-27.4.2.tgz", - "integrity": "sha512-PDDPuyhoukk20JrQKeofK12hqtSka7mWH0QQuxSNgrdiPsrnYYLS6wbzu/HDlxZRzji5ylLRULeuI/vmZZDrYA==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "@types/node": "*" - } - }, - "jest-pnp-resolver": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", - "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==", - "dev": true, - "requires": {} - }, - "jest-regex-util": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-27.4.0.tgz", - "integrity": "sha512-WeCpMpNnqJYMQoOjm1nTtsgbR4XHAk1u00qDoNBQoykM280+/TmgA5Qh5giC1ecy6a5d4hbSsHzpBtu5yvlbEg==", - "dev": true - }, - "jest-resolve": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-27.4.5.tgz", - "integrity": "sha512-xU3z1BuOz/hUhVUL+918KqUgK+skqOuUsAi7A+iwoUldK6/+PW+utK8l8cxIWT9AW7IAhGNXjSAh1UYmjULZZw==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "chalk": "^4.0.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-pnp-resolver": "^1.2.2", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "resolve": "^1.20.0", - "resolve.exports": "^1.1.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-27.4.5.tgz", - "integrity": "sha512-elEVvkvRK51y037NshtEkEnukMBWvlPzZHiL847OrIljJ8yIsujD2GXRPqDXC4rEVKbcdsy7W0FxoZb4WmEs7w==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-snapshot": "^27.4.5" - } - }, - "jest-runner": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-27.4.5.tgz", - "integrity": "sha512-/irauncTfmY1WkTaRQGRWcyQLzK1g98GYG/8QvIPviHgO1Fqz1JYeEIsSfF+9mc/UTA6S+IIHFgKyvUrtiBIZg==", - "dev": true, - "requires": { - "@jest/console": "^27.4.2", - "@jest/environment": "^27.4.4", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "emittery": "^0.8.1", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-docblock": "^27.4.0", - "jest-environment-jsdom": "^27.4.4", - "jest-environment-node": "^27.4.4", - "jest-haste-map": "^27.4.5", - "jest-leak-detector": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-resolve": "^27.4.5", - "jest-runtime": "^27.4.5", - "jest-util": "^27.4.2", - "jest-worker": "^27.4.5", - "source-map-support": "^0.5.6", - "throat": "^6.0.1" - } - }, - "jest-runtime": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-27.4.5.tgz", - "integrity": "sha512-CIYqwuJQXHQtPd/idgrx4zgJ6iCb6uBjQq1RSAGQrw2S8XifDmoM1Ot8NRd80ooAm+ZNdHVwsktIMGlA1F1FAQ==", - "dev": true, - "requires": { - "@jest/console": "^27.4.2", - "@jest/environment": "^27.4.4", - "@jest/globals": "^27.4.4", - "@jest/source-map": "^27.4.0", - "@jest/test-result": "^27.4.2", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/yargs": "^16.0.0", - "chalk": "^4.0.0", - "cjs-module-lexer": "^1.0.0", - "collect-v8-coverage": "^1.0.0", - "execa": "^5.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^27.4.5", - "jest-message-util": "^27.4.2", - "jest-mock": "^27.4.2", - "jest-regex-util": "^27.4.0", - "jest-resolve": "^27.4.5", - "jest-snapshot": "^27.4.5", - "jest-util": "^27.4.2", - "jest-validate": "^27.4.2", - "slash": "^3.0.0", - "strip-bom": "^4.0.0", - "yargs": "^16.2.0" - } - }, - "jest-serializer": { - "version": "27.4.0", - "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-27.4.0.tgz", - "integrity": "sha512-RDhpcn5f1JYTX2pvJAGDcnsNTnsV9bjYPU8xcV+xPwOXnUPOQwf4ZEuiU6G9H1UztH+OapMgu/ckEVwO87PwnQ==", - "dev": true, - "requires": { - "@types/node": "*", - "graceful-fs": "^4.2.4" - } - }, - "jest-snapshot": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-27.4.5.tgz", - "integrity": "sha512-eCi/iM1YJFrJWiT9de4+RpWWWBqsHiYxFG9V9o/n0WXs6GpW4lUt4FAHAgFPTLPqCUVzrMQmSmTZSgQzwqR7IQ==", - "dev": true, - "requires": { - "@babel/core": "^7.7.2", - "@babel/generator": "^7.7.2", - "@babel/parser": "^7.7.2", - "@babel/plugin-syntax-typescript": "^7.7.2", - "@babel/traverse": "^7.7.2", - "@babel/types": "^7.0.0", - "@jest/transform": "^27.4.5", - "@jest/types": "^27.4.2", - "@types/babel__traverse": "^7.0.4", - "@types/prettier": "^2.1.5", - "babel-preset-current-node-syntax": "^1.0.0", - "chalk": "^4.0.0", - "expect": "^27.4.2", - "graceful-fs": "^4.2.4", - "jest-diff": "^27.4.2", - "jest-get-type": "^27.4.0", - "jest-haste-map": "^27.4.5", - "jest-matcher-utils": "^27.4.2", - "jest-message-util": "^27.4.2", - "jest-resolve": "^27.4.5", - "jest-util": "^27.4.2", - "natural-compare": "^1.4.0", - "pretty-format": "^27.4.2", - "semver": "^7.3.2" - }, - "dependencies": { - "semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", - "dev": true, - "requires": { - "lru-cache": "^6.0.0" - } - } - } - }, - "jest-util": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-27.4.2.tgz", - "integrity": "sha512-YuxxpXU6nlMan9qyLuxHaMMOzXAl5aGZWCSzben5DhLHemYQxCc4YK+4L3ZrCutT8GPQ+ui9k5D8rUJoDioMnA==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "@types/node": "*", - "chalk": "^4.0.0", - "ci-info": "^3.2.0", - "graceful-fs": "^4.2.4", - "picomatch": "^2.2.3" - } - }, - "jest-validate": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-27.4.2.tgz", - "integrity": "sha512-hWYsSUej+Fs8ZhOm5vhWzwSLmVaPAxRy+Mr+z5MzeaHm9AxUpXdoVMEW4R86y5gOobVfBsMFLk4Rb+QkiEpx1A==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "camelcase": "^6.2.0", - "chalk": "^4.0.0", - "jest-get-type": "^27.4.0", - "leven": "^3.1.0", - "pretty-format": "^27.4.2" - }, - "dependencies": { - "camelcase": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", - "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", - "dev": true - } - } - }, - "jest-watcher": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-27.4.2.tgz", - "integrity": "sha512-NJvMVyyBeXfDezhWzUOCOYZrUmkSCiatpjpm+nFUid74OZEHk6aMLrZAukIiFDwdbqp6mTM6Ui1w4oc+8EobQg==", - "dev": true, - "requires": { - "@jest/test-result": "^27.4.2", - "@jest/types": "^27.4.2", - "@types/node": "*", - "ansi-escapes": "^4.2.1", - "chalk": "^4.0.0", - "jest-util": "^27.4.2", - "string-length": "^4.0.1" - } - }, - "jest-worker": { - "version": "27.4.5", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-27.4.5.tgz", - "integrity": "sha512-f2s8kEdy15cv9r7q4KkzGXvlY0JTcmCbMHZBfSQDwW77REr45IDWwd0lksDFeVHH2jJ5pqb90T77XscrjeGzzg==", - "dev": true, - "requires": { - "@types/node": "*", - "merge-stream": "^2.0.0", - "supports-color": "^8.0.0" - }, - "dependencies": { - "supports-color": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", - "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - } - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsdom": { - "version": "16.7.0", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.7.0.tgz", - "integrity": "sha512-u9Smc2G1USStM+s/x1ru5Sxrl6mPYCbByG1U/hUmqaVsm4tbNyS7CicOSRyuGQYZhTu0h84qkZZQ/I+dzizSVw==", - "dev": true, - "requires": { - "abab": "^2.0.5", - "acorn": "^8.2.4", - "acorn-globals": "^6.0.0", - "cssom": "^0.4.4", - "cssstyle": "^2.3.0", - "data-urls": "^2.0.0", - "decimal.js": "^10.2.1", - "domexception": "^2.0.1", - "escodegen": "^2.0.0", - "form-data": "^3.0.0", - "html-encoding-sniffer": "^2.0.1", - "http-proxy-agent": "^4.0.1", - "https-proxy-agent": "^5.0.0", - "is-potential-custom-element-name": "^1.0.1", - "nwsapi": "^2.2.0", - "parse5": "6.0.1", - "saxes": "^5.0.1", - "symbol-tree": "^3.2.4", - "tough-cookie": "^4.0.0", - "w3c-hr-time": "^1.0.2", - "w3c-xmlserializer": "^2.0.0", - "webidl-conversions": "^6.1.0", - "whatwg-encoding": "^1.0.5", - "whatwg-mimetype": "^2.3.0", - "whatwg-url": "^8.5.0", - "ws": "^7.4.6", - "xml-name-validator": "^3.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json5": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.0.tgz", - "integrity": "sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA==", - "dev": true, - "requires": { - "minimist": "^1.2.5" - } - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", - "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", - "dev": true, - "requires": { - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2" - } - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", - "dev": true - }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dev": true, - "requires": { - "yallist": "^4.0.0" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.12", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", - "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", - "dev": true, - "requires": { - "tmpl": "1.0.5" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", - "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", - "dev": true, - "requires": { - "braces": "^3.0.1", - "picomatch": "^2.2.3" - } - }, - "mime-db": { - "version": "1.51.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.51.0.tgz", - "integrity": "sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g==", - "dev": true - }, - "mime-types": { - "version": "2.1.34", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.34.tgz", - "integrity": "sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A==", - "dev": true, - "requires": { - "mime-db": "1.51.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "dev": true, - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minimist": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", - "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", - "dev": true - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "node-fetch": { - "version": "2.6.7", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", - "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", - "requires": { - "whatwg-url": "^5.0.0" - }, - "dependencies": { - "tr46": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", - "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=" - }, - "webidl-conversions": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", - "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=" - }, - "whatwg-url": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", - "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=", - "requires": { - "tr46": "~0.0.3", - "webidl-conversions": "^3.0.0" - } - } - } - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node-releases": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.1.tgz", - "integrity": "sha512-CqyzN6z7Q6aMeF/ktcMVTzhAHCEpf8SOarwpzpf8pNBY2k5/oM34UHldUwp8VKI7uxct2HxSRdJjBaZeESzcxA==", - "dev": true - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "nwsapi": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", - "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", - "dev": true - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "optionator": { - "version": "0.8.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", - "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", - "dev": true, - "requires": { - "deep-is": "~0.1.3", - "fast-levenshtein": "~2.0.6", - "levn": "~0.3.0", - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2", - "word-wrap": "~1.2.3" - } - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "parse5": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", - "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==", - "dev": true - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "path-parse": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", - "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", - "dev": true - }, - "picocolors": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", - "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", - "dev": true - }, - "picomatch": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", - "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", - "dev": true - }, - "pirates": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.4.tgz", - "integrity": "sha512-ZIrVPH+A52Dw84R0L3/VS9Op04PuQ2SEoJL6bkshmiTic/HldyW9Tf7oH5mhJZBK7NmDx27vSMrYEXPXclpDKw==", - "dev": true - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "prelude-ls": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", - "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", - "dev": true - }, - "pretty-format": { - "version": "27.4.2", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-27.4.2.tgz", - "integrity": "sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==", - "dev": true, - "requires": { - "@jest/types": "^27.4.2", - "ansi-regex": "^5.0.1", - "ansi-styles": "^5.0.0", - "react-is": "^17.0.1" - }, - "dependencies": { - "ansi-styles": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", - "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", - "dev": true - } - } - }, - "prompts": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", - "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.5" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", - "dev": true - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "dev": true - }, - "react-is": { - "version": "17.0.2", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz", - "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==", - "dev": true - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", - "dev": true - }, - "resolve": { - "version": "1.21.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.21.0.tgz", - "integrity": "sha512-3wCbTpk5WJlyE4mSOtDLhqQmGFi0/TD9VPwmiolnk8U0wRgMEktqCXd3vy5buTO3tljvalNvKrjHEfrd2WpEKA==", - "dev": true, - "requires": { - "is-core-module": "^2.8.0", - "path-parse": "^1.0.7", - "supports-preserve-symlinks-flag": "^1.0.0" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve.exports": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.0.tgz", - "integrity": "sha512-J1l+Zxxp4XK3LUDZ9m60LRJF/mAe4z6a4xyabPHk7pvK5t35dACV32iIjJDFeWZFfZlO29w6SZ67knR0tHzJtQ==", - "dev": true - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "requires": { - "glob": "^7.1.3" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true - }, - "saxes": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/saxes/-/saxes-5.0.1.tgz", - "integrity": "sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw==", - "dev": true, - "requires": { - "xmlchars": "^2.2.0" - } - }, + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.1.0.tgz", + "integrity": "sha512-czwUz525rkOFDJxfKK6mYfIs9zBKILyrZQxjz3ABhjQXhbhFsSbo1HW/BFcsDnfJYJWA6thRR5/TUY2qs5W99Q==", + "dev": true, + "requires": { + "@babel/core": "^7.12.3", + "@babel/parser": "^7.14.7", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.2.0", + "semver": "^6.3.0" + } + } + } + }, + "babel-plugin-jest-hoist": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-27.4.0.tgz", + "integrity": "sha512-Jcu7qS4OX5kTWBc45Hz7BMmgXuJqRnhatqpUhnzGC3OBYpOmf2tv6jFNwZpwM7wU7MUuv2r9IPS/ZlYOuburVw==", + "dev": true, + "requires": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__core": "^7.0.0", + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-preset-current-node-syntax": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "integrity": "sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==", + "dev": true, + "requires": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-import-meta": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3", + "@babel/plugin-syntax-top-level-await": "^7.8.3" + } + }, + "babel-preset-jest": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-27.4.0.tgz", + "integrity": "sha512-NK4jGYpnBvNxcGo7/ZpZJr51jCGT+3bwwpVIDY2oNfTxJJldRtB4VAcYdgp1loDE50ODuTu+yBjpMAswv5tlpg==", + "dev": true, + "requires": { + "babel-plugin-jest-hoist": "^27.4.0", + "babel-preset-current-node-syntax": "^1.0.0" + } + }, + "balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "browserslist": { + "version": "4.19.1", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.19.1.tgz", + "integrity": "sha512-u2tbbG5PdKRTUoctO3NBD8FQ5HdPh1ZXPHzp1rwaa5jTc+RV9/+RlWiAIKmjRPQF+xbGM9Kklj5bZQFa2s/38A==", + "dev": true, + "requires": { + "caniuse-lite": "^1.0.30001286", + "electron-to-chromium": "^1.4.17", + "escalade": "^3.1.1", + "node-releases": "^2.0.1", + "picocolors": "^1.0.0" + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer-from": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", + "dev": true + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "caniuse-lite": { + "version": "1.0.30001296", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001296.tgz", + "integrity": "sha512-WfrtPEoNSoeATDlf4y3QvkwiELl9GyPLISV5GejTbbQRtQx4LhsXmc9IQ6XCL2d7UxCyEzToEZNMeqR79OUw8Q==", + "dev": true + }, + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "char-regex": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "integrity": "sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw==", + "dev": true + }, + "ci-info": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.3.0.tgz", + "integrity": "sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw==", + "dev": true + }, + "cjs-module-lexer": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.2.tgz", + "integrity": "sha512-cOU9usZw8/dXIXKtwa8pM0OTJQuJkxMN6w30csNRUerHfeQ5R6U3kkU/FtJeIf3M202OHfY2U8ccInBG7/xogA==", + "dev": true + }, + "cliui": { + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", + "dev": true, + "requires": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^7.0.0" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true + }, + "collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "convert-source-map": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.8.0.tgz", + "integrity": "sha512-+OQdjP49zViI/6i7nIJpA8rAl4sV/JdPfU9nZs3VqOwGIgizICvuN2ru6fMd+4llL0tar18UYJXfZ/TWtmhUjA==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "requires": { + "cssom": "~0.3.6" + }, + "dependencies": { + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + } + } + }, + "data-urls": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-2.0.0.tgz", + "integrity": "sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==", + "dev": true, + "requires": { + "abab": "^2.0.3", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^8.0.0" + } + }, + "debug": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz", + "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==", + "dev": true, + "requires": { + "ms": "2.1.2" + } + }, + "decimal.js": { + "version": "10.3.1", + "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.3.1.tgz", + "integrity": "sha512-V0pfhfr8suzyPGOx3nmq4aHqabehUZn6Ch9kyFpV79TGDTWFmHqUqXdabR7QHqxzrYolF4+tVmJhUG4OURg5dQ==", + "dev": true + }, + "dedent": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "integrity": "sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw=", + "dev": true + }, + "deep-is": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", + "dev": true + }, + "deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, + "detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true + }, + "diff-sequences": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-27.4.0.tgz", + "integrity": "sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==", + "dev": true + }, + "domexception": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-2.0.1.tgz", + "integrity": "sha512-yxJ2mFy/sibVQlu5qHjOkf9J3K6zgmCxgJ94u2EdvDOV09H+32LtRswEcUsmUWN72pVLOEnTSRaIVVzVQgS0dg==", + "dev": true, + "requires": { + "webidl-conversions": "^5.0.0" + }, + "dependencies": { + "webidl-conversions": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-5.0.0.tgz", + "integrity": "sha512-VlZwKPCkYKxQgeSbH5EyngOmRp7Ww7I9rQLERETtf5ofd9pGeswWiOtogpEO850jziPRarreGxn5QIiTqpb2wA==", + "dev": true + } + } + }, + "electron-to-chromium": { + "version": "1.4.33", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.33.tgz", + "integrity": "sha512-OVK1Ad3pHnmuXPhEfq85X8vUKr1UPNHryBnbKnyLcAfh8dPwoFjoDhDlP5KpPJIiymvSucZs48UBrE1250IxOw==", + "dev": true + }, + "emittery": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.8.1.tgz", + "integrity": "sha512-uDfvUjVrfGJJhymx/kz6prltenw1u7WrCg1oa94zYY8xxVpLLUu045LAT0dhDZdXG58/EpPL/5kA180fQ/qudg==", + "dev": true + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "escalade": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", + "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==", + "dev": true + }, + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", + "dev": true + }, + "escodegen": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.0.0.tgz", + "integrity": "sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw==", + "dev": true, + "requires": { + "esprima": "^4.0.1", + "estraverse": "^5.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, + "estraverse": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "execa": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "integrity": "sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.3", + "get-stream": "^6.0.0", + "human-signals": "^2.1.0", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.1", + "onetime": "^5.1.2", + "signal-exit": "^3.0.3", + "strip-final-newline": "^2.0.0" + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true + }, + "expect": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/expect/-/expect-27.4.2.tgz", + "integrity": "sha512-BjAXIDC6ZOW+WBFNg96J22D27Nq5ohn+oGcuP2rtOtcjuxNoV9McpQ60PcQWhdFOSBIQdR72e+4HdnbZTFSTyg==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "ansi-styles": "^5.0.0", + "jest-get-type": "^27.4.0", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-regex-util": "^27.4.0" + }, + "dependencies": { + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true + } + } + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "requires": { + "bser": "2.1.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "form-data": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.1.tgz", + "integrity": "sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "fsevents": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", + "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", + "dev": true, + "optional": true + }, + "function-bind": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", + "dev": true + }, + "gensync": { + "version": "1.0.0-beta.2", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true + }, + "get-stream": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "dev": true + }, + "glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "graceful-fs": { + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.8.tgz", + "integrity": "sha512-qkIilPUYcNhJpd33n0GBXTB1MMPp14TxEsEs0pTrsSVucApsYzW5V+Q8Qxhik6KU3evy+qkAAowTByymK0avdg==", + "dev": true + }, + "has": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", + "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "dev": true, + "requires": { + "function-bind": "^1.1.1" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "html-encoding-sniffer": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz", + "integrity": "sha512-D5JbOMBIR/TVZkubHT+OyT2705QvogUW4IBn6nHd756OwieSF9aDYFj4dv6HHEVGYbHaLETa3WggZYWWMyy3ZQ==", + "dev": true, + "requires": { + "whatwg-encoding": "^1.0.5" + } + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "http-proxy-agent": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz", + "integrity": "sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==", + "dev": true, + "requires": { + "@tootallnate/once": "1", + "agent-base": "6", + "debug": "4" + } + }, + "https-proxy-agent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", + "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "dev": true, + "requires": { + "agent-base": "6", + "debug": "4" + } + }, + "human-signals": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "integrity": "sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==", + "dev": true + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "import-local": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz", + "integrity": "sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA==", + "dev": true, + "requires": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "is-core-module": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", + "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", + "dev": true, + "requires": { + "has": "^1.0.3" + } + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-potential-custom-element-name": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz", + "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==", + "dev": true + }, + "is-stream": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "dev": true + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "istanbul-lib-coverage": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz", + "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==", + "dev": true + }, + "istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + } + }, + "istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + } + }, + "istanbul-lib-source-maps": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "integrity": "sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.3.tgz", + "integrity": "sha512-x9LtDVtfm/t1GFiLl3NffC7hz+I1ragvgX1P/Lg1NlIagifZDKUkuuaAxH/qpwj2IuEfD8G2Bs/UKp+sZ/pKkg==", + "dev": true, + "requires": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + } + }, + "jest": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest/-/jest-27.4.5.tgz", + "integrity": "sha512-uT5MiVN3Jppt314kidCk47MYIRilJjA/l2mxwiuzzxGUeJIvA8/pDaJOAX5KWvjAo7SCydcW0/4WEtgbLMiJkg==", + "dev": true, + "requires": { + "@jest/core": "^27.4.5", + "import-local": "^3.0.2", + "jest-cli": "^27.4.5" + } + }, + "jest-changed-files": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-27.4.2.tgz", + "integrity": "sha512-/9x8MjekuzUQoPjDHbBiXbNEBauhrPU2ct7m8TfCg69ywt1y/N+yYwGh3gCpnqUS3klYWDU/lSNgv+JhoD2k1A==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "execa": "^5.0.0", + "throat": "^6.0.1" + } + }, + "jest-circus": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-circus/-/jest-circus-27.4.5.tgz", + "integrity": "sha512-eTNWa9wsvBwPykhMMShheafbwyakcdHZaEYh5iRrQ0PFJxkDP/e3U/FvzGuKWu2WpwUA3C3hPlfpuzvOdTVqnw==", + "dev": true, + "requires": { + "@jest/environment": "^27.4.4", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "co": "^4.6.0", + "dedent": "^0.7.0", + "expect": "^27.4.2", + "is-generator-fn": "^2.0.0", + "jest-each": "^27.4.2", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.3", + "throat": "^6.0.1" + } + }, + "jest-cli": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-27.4.5.tgz", + "integrity": "sha512-hrky3DSgE0u7sQxaCL7bdebEPHx5QzYmrGuUjaPLmPE8jx5adtvGuOlRspvMoVLTTDOHRnZDoRLYJuA+VCI7Hg==", + "dev": true, + "requires": { + "@jest/core": "^27.4.5", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "jest-config": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "prompts": "^2.0.1", + "yargs": "^16.2.0" + } + }, + "jest-config": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-27.4.5.tgz", + "integrity": "sha512-t+STVJtPt+fpqQ8GBw850NtSQbnDOw/UzdPfzDaHQ48/AylQlW7LHj3dH+ndxhC1UxJ0Q3qkq7IH+nM1skwTwA==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^27.4.5", + "@jest/types": "^27.4.2", + "babel-jest": "^27.4.5", + "chalk": "^4.0.0", + "ci-info": "^3.2.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-circus": "^27.4.5", + "jest-environment-jsdom": "^27.4.4", + "jest-environment-node": "^27.4.4", + "jest-get-type": "^27.4.0", + "jest-jasmine2": "^27.4.5", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-runner": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "micromatch": "^4.0.4", + "pretty-format": "^27.4.2", + "slash": "^3.0.0" + } + }, + "jest-diff": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-27.4.2.tgz", + "integrity": "sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==", + "dev": true, + "requires": { + "chalk": "^4.0.0", + "diff-sequences": "^27.4.0", + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + } + }, + "jest-docblock": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-27.4.0.tgz", + "integrity": "sha512-7TBazUdCKGV7svZ+gh7C8esAnweJoG+SvcF6Cjqj4l17zA2q1cMwx2JObSioubk317H+cjcHgP+7fTs60paulg==", + "dev": true, + "requires": { + "detect-newline": "^3.0.0" + } + }, + "jest-each": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-27.4.2.tgz", + "integrity": "sha512-53V2MNyW28CTruB3lXaHNk6PkiIFuzdOC9gR3C6j8YE/ACfrPnz+slB0s17AgU1TtxNzLuHyvNlLJ+8QYw9nBg==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "jest-get-type": "^27.4.0", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2" + } + }, + "jest-environment-jsdom": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-27.4.4.tgz", + "integrity": "sha512-cYR3ndNfHBqQgFvS1RL7dNqSvD//K56j/q1s2ygNHcfTCAp12zfIromO1w3COmXrxS8hWAh7+CmZmGCIoqGcGA==", + "dev": true, + "requires": { + "@jest/environment": "^27.4.4", + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2", + "jsdom": "^16.6.0" + } + }, + "jest-environment-node": { + "version": "27.4.4", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-27.4.4.tgz", + "integrity": "sha512-D+v3lbJ2GjQTQR23TK0kY3vFVmSeea05giInI41HHOaJnAwOnmUHTZgUaZL+VxUB43pIzoa7PMwWtCVlIUoVoA==", + "dev": true, + "requires": { + "@jest/environment": "^27.4.4", + "@jest/fake-timers": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "jest-mock": "^27.4.2", + "jest-util": "^27.4.2" + } + }, + "jest-get-type": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-27.4.0.tgz", + "integrity": "sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==", + "dev": true + }, + "jest-haste-map": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-27.4.5.tgz", + "integrity": "sha512-oJm1b5qhhPs78K24EDGifWS0dELYxnoBiDhatT/FThgB9yxqUm5F6li3Pv+Q+apMBmmPNzOBnZ7ZxWMB1Leq1Q==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "@types/graceful-fs": "^4.1.2", + "@types/node": "*", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "fsevents": "^2.3.2", + "graceful-fs": "^4.2.4", + "jest-regex-util": "^27.4.0", + "jest-serializer": "^27.4.0", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "micromatch": "^4.0.4", + "walker": "^1.0.7" + } + }, + "jest-jasmine2": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-27.4.5.tgz", + "integrity": "sha512-oUnvwhJDj2LhOiUB1kdnJjkx8C5PwgUZQb9urF77mELH9DGR4e2GqpWQKBOYXWs5+uTN9BGDqRz3Aeg5Wts7aw==", + "dev": true, + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^27.4.4", + "@jest/source-map": "^27.4.0", + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "co": "^4.6.0", + "expect": "^27.4.2", + "is-generator-fn": "^2.0.0", + "jest-each": "^27.4.2", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-runtime": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "pretty-format": "^27.4.2", + "throat": "^6.0.1" + } + }, + "jest-leak-detector": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-27.4.2.tgz", + "integrity": "sha512-ml0KvFYZllzPBJWDei3mDzUhyp/M4ubKebX++fPaudpe8OsxUE+m+P6ciVLboQsrzOCWDjE20/eXew9QMx/VGw==", + "dev": true, + "requires": { + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + } + }, + "jest-matcher-utils": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-27.4.2.tgz", + "integrity": "sha512-jyP28er3RRtMv+fmYC/PKG8wvAmfGcSNproVTW2Y0P/OY7/hWUOmsPfxN1jOhM+0u2xU984u2yEagGivz9OBGQ==", + "dev": true, + "requires": { + "chalk": "^4.0.0", + "jest-diff": "^27.4.2", + "jest-get-type": "^27.4.0", + "pretty-format": "^27.4.2" + } + }, + "jest-message-util": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-27.4.2.tgz", + "integrity": "sha512-OMRqRNd9E0DkBLZpFtZkAGYOXl6ZpoMtQJWTAREJKDOFa0M6ptB7L67tp+cszMBkvSgKOhNtQp2Vbcz3ZZKo/w==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.12.13", + "@jest/types": "^27.4.2", + "@types/stack-utils": "^2.0.0", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.4", + "pretty-format": "^27.4.2", + "slash": "^3.0.0", + "stack-utils": "^2.0.3" + } + }, + "jest-mock": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-27.4.2.tgz", + "integrity": "sha512-PDDPuyhoukk20JrQKeofK12hqtSka7mWH0QQuxSNgrdiPsrnYYLS6wbzu/HDlxZRzji5ylLRULeuI/vmZZDrYA==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "@types/node": "*" + } + }, + "jest-pnp-resolver": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", + "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==", + "dev": true, + "requires": {} + }, + "jest-regex-util": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-27.4.0.tgz", + "integrity": "sha512-WeCpMpNnqJYMQoOjm1nTtsgbR4XHAk1u00qDoNBQoykM280+/TmgA5Qh5giC1ecy6a5d4hbSsHzpBtu5yvlbEg==", + "dev": true + }, + "jest-resolve": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-27.4.5.tgz", + "integrity": "sha512-xU3z1BuOz/hUhVUL+918KqUgK+skqOuUsAi7A+iwoUldK6/+PW+utK8l8cxIWT9AW7IAhGNXjSAh1UYmjULZZw==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "chalk": "^4.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-pnp-resolver": "^1.2.2", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "resolve": "^1.20.0", + "resolve.exports": "^1.1.0", + "slash": "^3.0.0" + } + }, + "jest-resolve-dependencies": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-27.4.5.tgz", + "integrity": "sha512-elEVvkvRK51y037NshtEkEnukMBWvlPzZHiL847OrIljJ8yIsujD2GXRPqDXC4rEVKbcdsy7W0FxoZb4WmEs7w==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-snapshot": "^27.4.5" + } + }, + "jest-runner": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-27.4.5.tgz", + "integrity": "sha512-/irauncTfmY1WkTaRQGRWcyQLzK1g98GYG/8QvIPviHgO1Fqz1JYeEIsSfF+9mc/UTA6S+IIHFgKyvUrtiBIZg==", + "dev": true, + "requires": { + "@jest/console": "^27.4.2", + "@jest/environment": "^27.4.4", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "emittery": "^0.8.1", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-docblock": "^27.4.0", + "jest-environment-jsdom": "^27.4.4", + "jest-environment-node": "^27.4.4", + "jest-haste-map": "^27.4.5", + "jest-leak-detector": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-resolve": "^27.4.5", + "jest-runtime": "^27.4.5", + "jest-util": "^27.4.2", + "jest-worker": "^27.4.5", + "source-map-support": "^0.5.6", + "throat": "^6.0.1" + } + }, + "jest-runtime": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-27.4.5.tgz", + "integrity": "sha512-CIYqwuJQXHQtPd/idgrx4zgJ6iCb6uBjQq1RSAGQrw2S8XifDmoM1Ot8NRd80ooAm+ZNdHVwsktIMGlA1F1FAQ==", + "dev": true, + "requires": { + "@jest/console": "^27.4.2", + "@jest/environment": "^27.4.4", + "@jest/globals": "^27.4.4", + "@jest/source-map": "^27.4.0", + "@jest/test-result": "^27.4.2", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/yargs": "^16.0.0", + "chalk": "^4.0.0", + "cjs-module-lexer": "^1.0.0", + "collect-v8-coverage": "^1.0.0", + "execa": "^5.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^27.4.5", + "jest-message-util": "^27.4.2", + "jest-mock": "^27.4.2", + "jest-regex-util": "^27.4.0", + "jest-resolve": "^27.4.5", + "jest-snapshot": "^27.4.5", + "jest-util": "^27.4.2", + "jest-validate": "^27.4.2", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^16.2.0" + } + }, + "jest-serializer": { + "version": "27.4.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-27.4.0.tgz", + "integrity": "sha512-RDhpcn5f1JYTX2pvJAGDcnsNTnsV9bjYPU8xcV+xPwOXnUPOQwf4ZEuiU6G9H1UztH+OapMgu/ckEVwO87PwnQ==", + "dev": true, + "requires": { + "@types/node": "*", + "graceful-fs": "^4.2.4" + } + }, + "jest-snapshot": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-27.4.5.tgz", + "integrity": "sha512-eCi/iM1YJFrJWiT9de4+RpWWWBqsHiYxFG9V9o/n0WXs6GpW4lUt4FAHAgFPTLPqCUVzrMQmSmTZSgQzwqR7IQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.2", + "@babel/generator": "^7.7.2", + "@babel/parser": "^7.7.2", + "@babel/plugin-syntax-typescript": "^7.7.2", + "@babel/traverse": "^7.7.2", + "@babel/types": "^7.0.0", + "@jest/transform": "^27.4.5", + "@jest/types": "^27.4.2", + "@types/babel__traverse": "^7.0.4", + "@types/prettier": "^2.1.5", + "babel-preset-current-node-syntax": "^1.0.0", + "chalk": "^4.0.0", + "expect": "^27.4.2", + "graceful-fs": "^4.2.4", + "jest-diff": "^27.4.2", + "jest-get-type": "^27.4.0", + "jest-haste-map": "^27.4.5", + "jest-matcher-utils": "^27.4.2", + "jest-message-util": "^27.4.2", + "jest-resolve": "^27.4.5", + "jest-util": "^27.4.2", + "natural-compare": "^1.4.0", + "pretty-format": "^27.4.2", + "semver": "^7.3.2" + }, + "dependencies": { "semver": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", - "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - }, - "signal-exit": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", - "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==", - "dev": true - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-support": { - "version": "0.5.21", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", - "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true - }, - "stack-utils": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.5.tgz", - "integrity": "sha512-xrQcmYhOsn/1kX+Vraq+7j4oE2j/6BFscZ0etmYg81xuM8Gq0022Pxb8+IqgOFUIaxHs0KaSb7T1+OegiNrNFA==", - "dev": true, - "requires": { - "escape-string-regexp": "^2.0.0" - } - }, - "string-length": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", - "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", - "dev": true, - "requires": { - "char-regex": "^1.0.2", - "strip-ansi": "^6.0.0" - } - }, - "string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - } - }, - "strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.1" - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, + "version": "7.3.5", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", + "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "dev": true, + "requires": { + "lru-cache": "^6.0.0" + } + } + } + }, + "jest-util": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-27.4.2.tgz", + "integrity": "sha512-YuxxpXU6nlMan9qyLuxHaMMOzXAl5aGZWCSzben5DhLHemYQxCc4YK+4L3ZrCutT8GPQ+ui9k5D8rUJoDioMnA==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "@types/node": "*", + "chalk": "^4.0.0", + "ci-info": "^3.2.0", + "graceful-fs": "^4.2.4", + "picomatch": "^2.2.3" + } + }, + "jest-validate": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-27.4.2.tgz", + "integrity": "sha512-hWYsSUej+Fs8ZhOm5vhWzwSLmVaPAxRy+Mr+z5MzeaHm9AxUpXdoVMEW4R86y5gOobVfBsMFLk4Rb+QkiEpx1A==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "camelcase": "^6.2.0", + "chalk": "^4.0.0", + "jest-get-type": "^27.4.0", + "leven": "^3.1.0", + "pretty-format": "^27.4.2" + }, + "dependencies": { + "camelcase": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "dev": true + } + } + }, + "jest-watcher": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-27.4.2.tgz", + "integrity": "sha512-NJvMVyyBeXfDezhWzUOCOYZrUmkSCiatpjpm+nFUid74OZEHk6aMLrZAukIiFDwdbqp6mTM6Ui1w4oc+8EobQg==", + "dev": true, + "requires": { + "@jest/test-result": "^27.4.2", + "@jest/types": "^27.4.2", + "@types/node": "*", + "ansi-escapes": "^4.2.1", + "chalk": "^4.0.0", + "jest-util": "^27.4.2", + "string-length": "^4.0.1" + } + }, + "jest-worker": { + "version": "27.4.5", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-27.4.5.tgz", + "integrity": "sha512-f2s8kEdy15cv9r7q4KkzGXvlY0JTcmCbMHZBfSQDwW77REr45IDWwd0lksDFeVHH2jJ5pqb90T77XscrjeGzzg==", + "dev": true, + "requires": { + "@types/node": "*", + "merge-stream": "^2.0.0", + "supports-color": "^8.0.0" + }, + "dependencies": { "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-hyperlinks": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.2.0.tgz", - "integrity": "sha512-6sXEzV5+I5j8Bmq9/vUphGRM/RJNT9SCURJLjwfOg51heRtguGWDzcaBlgAzKhQa0EVNpPEKzQuBwZ8S8WaCeQ==", - "dev": true, - "requires": { - "has-flag": "^4.0.0", - "supports-color": "^7.0.0" - } - }, - "supports-preserve-symlinks-flag": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", - "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", - "dev": true - }, - "symbol-tree": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", - "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", - "dev": true - }, - "terminal-link": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", - "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", - "dev": true, - "requires": { - "ansi-escapes": "^4.2.1", - "supports-hyperlinks": "^2.0.0" - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "throat": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.1.tgz", - "integrity": "sha512-8hmiGIJMDlwjg7dlJ4yKGLK8EsYqKgPWbG3b4wjJddKNwc7N7Dpn08Df4szr/sZdMVeOstrdYSsqzX6BYbcB+w==", - "dev": true - }, - "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.0.0.tgz", - "integrity": "sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg==", - "dev": true, - "requires": { - "psl": "^1.1.33", - "punycode": "^2.1.1", - "universalify": "^0.1.2" - } - }, + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + } + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.14.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsdom": { + "version": "16.7.0", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.7.0.tgz", + "integrity": "sha512-u9Smc2G1USStM+s/x1ru5Sxrl6mPYCbByG1U/hUmqaVsm4tbNyS7CicOSRyuGQYZhTu0h84qkZZQ/I+dzizSVw==", + "dev": true, + "requires": { + "abab": "^2.0.5", + "acorn": "^8.2.4", + "acorn-globals": "^6.0.0", + "cssom": "^0.4.4", + "cssstyle": "^2.3.0", + "data-urls": "^2.0.0", + "decimal.js": "^10.2.1", + "domexception": "^2.0.1", + "escodegen": "^2.0.0", + "form-data": "^3.0.0", + "html-encoding-sniffer": "^2.0.1", + "http-proxy-agent": "^4.0.1", + "https-proxy-agent": "^5.0.0", + "is-potential-custom-element-name": "^1.0.1", + "nwsapi": "^2.2.0", + "parse5": "6.0.1", + "saxes": "^5.0.1", + "symbol-tree": "^3.2.4", + "tough-cookie": "^4.0.0", + "w3c-hr-time": "^1.0.2", + "w3c-xmlserializer": "^2.0.0", + "webidl-conversions": "^6.1.0", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^8.5.0", + "ws": "^7.4.6", + "xml-name-validator": "^3.0.0" + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json5": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.0.tgz", + "integrity": "sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA==", + "dev": true, + "requires": { + "minimist": "^1.2.5" + } + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "requires": { + "p-locate": "^4.1.0" + } + }, + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", + "dev": true + }, + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "requires": { + "yallist": "^4.0.0" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "requires": { + "semver": "^6.0.0" + } + }, + "makeerror": { + "version": "1.0.12", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "integrity": "sha512-JmqCvUhmt43madlpFzG4BQzG2Z3m6tvQDNKdClZnO3VbIudJYmxsT0FNJMeiB2+JTSlTQTSbU8QdesVmwJcmLg==", + "dev": true, + "requires": { + "tmpl": "1.0.5" + } + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "micromatch": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz", + "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==", + "dev": true, + "requires": { + "braces": "^3.0.1", + "picomatch": "^2.2.3" + } + }, + "mime-db": { + "version": "1.51.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.51.0.tgz", + "integrity": "sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g==", + "dev": true + }, + "mime-types": { + "version": "2.1.34", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.34.tgz", + "integrity": "sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A==", + "dev": true, + "requires": { + "mime-db": "1.51.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", + "dev": true + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "node-fetch": { + "version": "2.6.7", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", + "requires": { + "whatwg-url": "^5.0.0" + }, + "dependencies": { "tr46": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-2.1.0.tgz", - "integrity": "sha512-15Ih7phfcdP5YxqiB+iDtLoaTz4Nd35+IiAv0kQ5FNKHzXgdWqPoTIqEDDJmXceQt4JZk6lVPT8lnDlPpGDppw==", - "dev": true, - "requires": { - "punycode": "^2.1.1" - } - }, - "type-check": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", - "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", - "dev": true, - "requires": { - "prelude-ls": "~1.1.2" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.21.3", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", - "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", - "dev": true - }, - "typedarray-to-buffer": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", - "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", - "dev": true, - "requires": { - "is-typedarray": "^1.0.0" - } - }, - "universalify": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", - "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==", - "dev": true - }, - "v8-to-istanbul": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-8.1.0.tgz", - "integrity": "sha512-/PRhfd8aTNp9Ggr62HPzXg2XasNFGy5PBt0Rp04du7/8GNNSgxFL6WBTkgMKSL9bFjH+8kKEG3f37FmxiTqUUA==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0", - "source-map": "^0.7.3" - }, - "dependencies": { - "source-map": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", - "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", - "dev": true - } - } - }, - "w3c-hr-time": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", - "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", - "dev": true, - "requires": { - "browser-process-hrtime": "^1.0.0" - } - }, - "w3c-xmlserializer": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz", - "integrity": "sha512-4tzD0mF8iSiMiNs30BiLO3EpfGLZUT2MSX/G+o7ZywDzliWQ3OPtTZ0PTC3B3ca1UAf4cJMHB+2Bf56EriJuRA==", - "dev": true, - "requires": { - "xml-name-validator": "^3.0.0" - } - }, - "walker": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", - "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", - "dev": true, - "requires": { - "makeerror": "1.0.12" - } + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=" }, "webidl-conversions": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-6.1.0.tgz", - "integrity": "sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==", - "dev": true - }, - "whatwg-encoding": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", - "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", - "dev": true, - "requires": { - "iconv-lite": "0.4.24" - } - }, - "whatwg-mimetype": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", - "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", - "dev": true + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=" }, "whatwg-url": { - "version": "8.7.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-8.7.0.tgz", - "integrity": "sha512-gAojqb/m9Q8a5IV96E3fHJM70AzCkgt4uXYX2O7EmuyOnLrViCQlsEBmF9UQIu3/aeAIp2U17rtbpZWNntQqdg==", - "dev": true, - "requires": { - "lodash": "^4.7.0", - "tr46": "^2.1.0", - "webidl-conversions": "^6.1.0" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", - "dev": true - }, - "wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true - }, - "write-file-atomic": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", - "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "is-typedarray": "^1.0.0", - "signal-exit": "^3.0.2", - "typedarray-to-buffer": "^3.1.5" - } - }, - "ws": { - "version": "7.5.6", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.6.tgz", - "integrity": "sha512-6GLgCqo2cy2A2rjCNFlxQS6ZljG/coZfZXclldI8FB/1G3CCI36Zd8xy2HrFVACi8tfk5XrgLQEk+P0Tnz9UcA==", - "dev": true, - "requires": {} - }, - "xml-name-validator": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", - "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", - "dev": true - }, - "xmlchars": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", - "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", - "dev": true - }, - "y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "dev": true - }, - "yargs": { - "version": "16.2.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", - "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", - "dev": true, - "requires": { - "cliui": "^7.0.2", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.0", - "y18n": "^5.0.5", - "yargs-parser": "^20.2.2" - } - }, - "yargs-parser": { - "version": "20.2.9", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", - "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", - "dev": true + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=", + "requires": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + } + } + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node-releases": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.1.tgz", + "integrity": "sha512-CqyzN6z7Q6aMeF/ktcMVTzhAHCEpf8SOarwpzpf8pNBY2k5/oM34UHldUwp8VKI7uxct2HxSRdJjBaZeESzcxA==", + "dev": true + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "requires": { + "path-key": "^3.0.0" + } + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "parse5": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", + "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==", + "dev": true + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true + }, + "path-parse": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", + "dev": true + }, + "picocolors": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==", + "dev": true + }, + "picomatch": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==", + "dev": true + }, + "pirates": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.4.tgz", + "integrity": "sha512-ZIrVPH+A52Dw84R0L3/VS9Op04PuQ2SEoJL6bkshmiTic/HldyW9Tf7oH5mhJZBK7NmDx27vSMrYEXPXclpDKw==", + "dev": true + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "requires": { + "find-up": "^4.0.0" + } + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true + }, + "pretty-format": { + "version": "27.4.2", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-27.4.2.tgz", + "integrity": "sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==", + "dev": true, + "requires": { + "@jest/types": "^27.4.2", + "ansi-regex": "^5.0.1", + "ansi-styles": "^5.0.0", + "react-is": "^17.0.1" + }, + "dependencies": { + "ansi-styles": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "dev": true + } + } + }, + "prompts": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.5" + } + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, + "react-is": { + "version": "17.0.2", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz", + "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==", + "dev": true + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "resolve": { + "version": "1.21.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.21.0.tgz", + "integrity": "sha512-3wCbTpk5WJlyE4mSOtDLhqQmGFi0/TD9VPwmiolnk8U0wRgMEktqCXd3vy5buTO3tljvalNvKrjHEfrd2WpEKA==", + "dev": true, + "requires": { + "is-core-module": "^2.8.0", + "path-parse": "^1.0.7", + "supports-preserve-symlinks-flag": "^1.0.0" + } + }, + "resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "requires": { + "resolve-from": "^5.0.0" + } + }, + "resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true + }, + "resolve.exports": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.0.tgz", + "integrity": "sha512-J1l+Zxxp4XK3LUDZ9m60LRJF/mAe4z6a4xyabPHk7pvK5t35dACV32iIjJDFeWZFfZlO29w6SZ67knR0tHzJtQ==", + "dev": true + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "saxes": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-5.0.1.tgz", + "integrity": "sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw==", + "dev": true, + "requires": { + "xmlchars": "^2.2.0" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true + }, + "signal-exit": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", + "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==", + "dev": true + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-support": { + "version": "0.5.21", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", + "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "stack-utils": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.5.tgz", + "integrity": "sha512-xrQcmYhOsn/1kX+Vraq+7j4oE2j/6BFscZ0etmYg81xuM8Gq0022Pxb8+IqgOFUIaxHs0KaSb7T1+OegiNrNFA==", + "dev": true, + "requires": { + "escape-string-regexp": "^2.0.0" + } + }, + "string-length": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "integrity": "sha512-+l6rNN5fYHNhZZy41RXsYptCjA2Igmq4EG7kZAYFQI1E1VTXarr6ZPXBg6eq7Y6eK4FEhY6AJlyuFIb/v/S0VQ==", + "dev": true, + "requires": { + "char-regex": "^1.0.2", + "strip-ansi": "^6.0.0" + } + }, + "string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + } + }, + "strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.1" + } + }, + "strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true + }, + "strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true + }, + "supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + }, + "supports-hyperlinks": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.2.0.tgz", + "integrity": "sha512-6sXEzV5+I5j8Bmq9/vUphGRM/RJNT9SCURJLjwfOg51heRtguGWDzcaBlgAzKhQa0EVNpPEKzQuBwZ8S8WaCeQ==", + "dev": true, + "requires": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + } + }, + "supports-preserve-symlinks-flag": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "requires": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + } + }, + "test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "requires": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + } + }, + "throat": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.1.tgz", + "integrity": "sha512-8hmiGIJMDlwjg7dlJ4yKGLK8EsYqKgPWbG3b4wjJddKNwc7N7Dpn08Df4szr/sZdMVeOstrdYSsqzX6BYbcB+w==", + "dev": true + }, + "tmpl": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==", + "dev": true + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.0.0.tgz", + "integrity": "sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg==", + "dev": true, + "requires": { + "psl": "^1.1.33", + "punycode": "^2.1.1", + "universalify": "^0.1.2" + } + }, + "tr46": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-2.1.0.tgz", + "integrity": "sha512-15Ih7phfcdP5YxqiB+iDtLoaTz4Nd35+IiAv0kQ5FNKHzXgdWqPoTIqEDDJmXceQt4JZk6lVPT8lnDlPpGDppw==", + "dev": true, + "requires": { + "punycode": "^2.1.1" + } + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true + }, + "type-fest": { + "version": "0.21.3", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "universalify": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==", + "dev": true + }, + "v8-to-istanbul": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-8.1.0.tgz", + "integrity": "sha512-/PRhfd8aTNp9Ggr62HPzXg2XasNFGy5PBt0Rp04du7/8GNNSgxFL6WBTkgMKSL9bFjH+8kKEG3f37FmxiTqUUA==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "dependencies": { + "source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true } + } + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz", + "integrity": "sha512-4tzD0mF8iSiMiNs30BiLO3EpfGLZUT2MSX/G+o7ZywDzliWQ3OPtTZ0PTC3B3ca1UAf4cJMHB+2Bf56EriJuRA==", + "dev": true, + "requires": { + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "integrity": "sha512-ts/8E8l5b7kY0vlWLewOkDXMmPdLcVV4GmOQLyxuSswIJsweeFZtAsMF7k1Nszz+TYBQrlYRmzOnr398y1JemQ==", + "dev": true, + "requires": { + "makeerror": "1.0.12" + } + }, + "webidl-conversions": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-6.1.0.tgz", + "integrity": "sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==", + "dev": true + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "whatwg-url": { + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-8.7.0.tgz", + "integrity": "sha512-gAojqb/m9Q8a5IV96E3fHJM70AzCkgt4uXYX2O7EmuyOnLrViCQlsEBmF9UQIu3/aeAIp2U17rtbpZWNntQqdg==", + "dev": true, + "requires": { + "lodash": "^4.7.0", + "tr46": "^2.1.0", + "webidl-conversions": "^6.1.0" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true + }, + "wrap-ansi": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "ws": { + "version": "7.5.6", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.6.tgz", + "integrity": "sha512-6GLgCqo2cy2A2rjCNFlxQS6ZljG/coZfZXclldI8FB/1G3CCI36Zd8xy2HrFVACi8tfk5XrgLQEk+P0Tnz9UcA==", + "dev": true, + "requires": {} + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "y18n": { + "version": "5.0.8", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "dev": true + }, + "yargs": { + "version": "16.2.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", + "dev": true, + "requires": { + "cliui": "^7.0.2", + "escalade": "^3.1.1", + "get-caller-file": "^2.0.5", + "require-directory": "^2.1.1", + "string-width": "^4.2.0", + "y18n": "^5.0.5", + "yargs-parser": "^20.2.2" + } + }, + "yargs-parser": { + "version": "20.2.9", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", + "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", + "dev": true } + } } diff --git a/hooks/persistence-azure-monitor/hook/package.json b/hooks/persistence-azure-monitor/hook/package.json index ad0b8e6a83..35c2de60f1 100644 --- a/hooks/persistence-azure-monitor/hook/package.json +++ b/hooks/persistence-azure-monitor/hook/package.json @@ -1,43 +1,43 @@ { - "name": "@securecodebox/hook-persistence-azure-monitor", - "version": "1.0.0", - "description": "secureCodeBox Hook to persist results to Azure Monitor.", - "homepage": "https://www.secureCodeBox.io", - "type": "module", - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" - }, - "main": "hook.js", - "scripts": { - "test": "jest --verbose --ci --colors --coverage --passWithNoTests" - }, - "keywords": [ - "secureCodeBox", - "security", - "hook", - "azure-monitor", - "persistence" - ], - "author": { - "name": "iteratec GmbH", - "email": "securecodebox@iteratec.com", - "url": "https://www.iteratec.com" - }, - "contributors": [ - { - "name": "Max Maass", - "url": "https://github.com/malexmave" - } - ], - "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox/issues" - }, - "license": "Apache-2.0", - "dependencies": { - "node-fetch": "2.6" - }, - "devDependencies": { - "jest": "^27.0.6" + "name": "@securecodebox/hook-persistence-azure-monitor", + "version": "1.0.0", + "description": "secureCodeBox Hook to persist results to Azure Monitor.", + "homepage": "https://www.secureCodeBox.io", + "type": "module", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox.git" + }, + "main": "hook.js", + "scripts": { + "test": "jest --verbose --ci --colors --coverage --passWithNoTests" + }, + "keywords": [ + "secureCodeBox", + "security", + "hook", + "azure-monitor", + "persistence" + ], + "author": { + "name": "iteratec GmbH", + "email": "securecodebox@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name": "Max Maass", + "url": "https://github.com/malexmave" } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox/issues" + }, + "license": "Apache-2.0", + "dependencies": { + "node-fetch": "2.6" + }, + "devDependencies": { + "jest": "^27.0.6" + } } diff --git a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapper.java b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapper.java index 3c9c1a4dfe..7791580cbc 100644 --- a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapper.java +++ b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapper.java @@ -87,7 +87,7 @@ public SecureCodeBoxFinding fromDefectDojoFinding(io.securecodebox.persistence.d } if (defectDojoFinding.getEndpoints() == null || defectDojoFinding.getEndpoints().isEmpty()){ - finding.setLocation("unkown"); + finding.setLocation("unknown"); } else { var endpoint = endpointService.get(defectDojoFinding.getEndpoints().get(0)); finding.setLocation(stringifyEndpoint(endpoint)); diff --git a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategy.java b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategy.java index 7e64a160bd..3928a37dcc 100644 --- a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategy.java +++ b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategy.java @@ -280,7 +280,7 @@ private long createTest(Scan scan, long engagementId, long userId) throws URISyn * @return The productName related to the given scan. */ protected String getProductName(Scan scan) { - String result = "unkown"; + String result = "unknown"; if (scan.getProductName().isPresent()) { result = scan.getProductName().get(); diff --git a/hooks/persistence-defectdojo/hook/src/main/resources/application.yaml b/hooks/persistence-defectdojo/hook/src/main/resources/application.yaml index 10dda7cadd..376cf02537 100644 --- a/hooks/persistence-defectdojo/hook/src/main/resources/application.yaml +++ b/hooks/persistence-defectdojo/hook/src/main/resources/application.yaml @@ -3,13 +3,13 @@ # SPDX-License-Identifier: Apache-2.0 spring: - main: - web-application-type: none + main: + web-application-type: none securecodebox: - persistence: - defectdojo: - url: "http://defectdojo-django.default.svc:8082" - auth: - key: "ca267cf37a368b8ae02a184164b196a25fca77de" - name: "admin" + persistence: + defectdojo: + url: "http://defectdojo-django.default.svc:8082" + auth: + key: "ca267cf37a368b8ae02a184164b196a25fca77de" + name: "admin" diff --git a/hooks/persistence-defectdojo/hook/src/test/resources/kubehunter-dd-findings.json b/hooks/persistence-defectdojo/hook/src/test/resources/kubehunter-dd-findings.json index 9ee138e593..930d32ec8d 100644 --- a/hooks/persistence-defectdojo/hook/src/test/resources/kubehunter-dd-findings.json +++ b/hooks/persistence-defectdojo/hook/src/test/resources/kubehunter-dd-findings.json @@ -6,9 +6,7 @@ "severity": "Low", "date": "2020-04-15", "unique_id_from_tool": "df9afbb5-f0c4-475b-a0e5-e3635c55917a", - "endpoints": [ - "tcp://10.1.0.1" - ] + "endpoints": ["tcp://10.1.0.1"] }, { "title": "CAP_NET_RAW Enabled", @@ -16,9 +14,7 @@ "severity": "Low", "date": "2020-04-16", "unique_id_from_tool": "341ad0c8-0f3b-47ff-9b89-83d4a7e121f7", - "endpoints": [ - "tcp://10.1.0.1" - ] + "endpoints": ["tcp://10.1.0.1"] }, { "title": "Access to pod's secrets", @@ -26,9 +22,7 @@ "severity": "Low", "date": "2020-04-17", "unique_id_from_tool": "eb0c75cf-beef-4fd8-b2ed-6e46a5afa1bc", - "endpoints": [ - "tcp://10.1.0.1" - ] + "endpoints": ["tcp://10.1.0.1"] } ] } diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/daily-summary.json b/hooks/persistence-elastic/dashboard-importer/dashboards/daily-summary.json index 08fd680b05..9855da9093 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/daily-summary.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/daily-summary.json @@ -298,4 +298,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/nikto-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/nikto-overview.json index 92c19f7630..be806f72fe 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/nikto-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/nikto-overview.json @@ -199,4 +199,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/portscan-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/portscan-overview.json index 20d422e84e..3df6c22c48 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/portscan-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/portscan-overview.json @@ -205,4 +205,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/ssh-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/ssh-overview.json index fe296047d2..729c0c8749 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/ssh-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/ssh-overview.json @@ -4,9 +4,7 @@ { "id": "271ddac0-98d7-11ea-890b-7db8819c4f5b", "type": "dashboard", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:44:05.331Z", "version": "WzE5MDYsMV0=", "attributes": { @@ -106,9 +104,7 @@ { "id": "eea6d510-98cd-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NDYsMV0=", "attributes": { @@ -145,9 +141,7 @@ { "id": "12ee70d0-98cf-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4MzcsMV0=", "attributes": { @@ -189,9 +183,7 @@ { "id": "f9e53480-98d7-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NDcsMV0=", "attributes": { @@ -228,9 +220,7 @@ { "id": "be883b00-98d0-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NDksMV0=", "attributes": { @@ -257,9 +247,7 @@ { "id": "5fb07c90-98d1-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTAsMV0=", "attributes": { @@ -296,9 +284,7 @@ { "id": "18de5700-98d2-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NDAsMV0=", "attributes": { @@ -340,9 +326,7 @@ { "id": "d1eadf10-98d8-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTEsMV0=", "attributes": { @@ -374,9 +358,7 @@ { "id": "c83ca340-98d3-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTIsMV0=", "attributes": { @@ -423,9 +405,7 @@ { "id": "2690e460-98d4-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NDQsMV0=", "attributes": { @@ -457,9 +437,7 @@ { "id": "65c68860-98d4-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTMsMV0=", "attributes": { @@ -486,9 +464,7 @@ { "id": "e3736260-98d4-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTQsMV0=", "attributes": { @@ -525,9 +501,7 @@ { "id": "3da019e0-98d5-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTUsMV0=", "attributes": { @@ -564,9 +538,7 @@ { "id": "8f4c74f0-98d5-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4NTYsMV0=", "attributes": { @@ -603,9 +575,7 @@ { "id": "086ce900-98d6-11ea-890b-7db8819c4f5b", "type": "visualization", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4MzQsMV0=", "attributes": { @@ -642,9 +612,7 @@ { "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", "type": "index-pattern", - "namespaces": [ - "scbv2-demo" - ], + "namespaces": ["scbv2-demo"], "updated_at": "2020-07-24T06:32:17.680Z", "version": "WzE4MjEsMV0=", "attributes": { @@ -659,4 +627,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/subdomain-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/subdomain-overview.json index 53e6ab16a6..4cd9226ca3 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/subdomain-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/subdomain-overview.json @@ -195,9 +195,7 @@ "updated_at": "2020-10-07T06:45:26.362Z", "version": "Wzc3LDFd", "attributes": { - "columns": [ - "_source" - ], + "columns": ["_source"], "description": "", "hits": 0, "kibanaSavedObjectMeta": { @@ -244,4 +242,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/tls-ssl-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/tls-ssl-overview.json index ecbb9f7559..6324c45cb7 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/tls-ssl-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/tls-ssl-overview.json @@ -390,9 +390,7 @@ "updated_at": "2020-10-07T06:56:04.257Z", "version": "WzEwOCwxXQ==", "attributes": { - "columns": [ - "_source" - ], + "columns": ["_source"], "description": "", "hits": 0, "kibanaSavedObjectMeta": { @@ -429,4 +427,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/wordpress-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/wordpress-overview.json index 63d9d3bb64..1c2cb02aca 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/wordpress-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/wordpress-overview.json @@ -215,4 +215,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/dashboards/zap-overview.json b/hooks/persistence-elastic/dashboard-importer/dashboards/zap-overview.json index 97e839a8cb..8505e65991 100644 --- a/hooks/persistence-elastic/dashboard-importer/dashboards/zap-overview.json +++ b/hooks/persistence-elastic/dashboard-importer/dashboards/zap-overview.json @@ -248,4 +248,4 @@ } } ] -} \ No newline at end of file +} diff --git a/hooks/persistence-elastic/dashboard-importer/export-dashboards.sh b/hooks/persistence-elastic/dashboard-importer/export-dashboards.sh index 0d459701a2..6baa7f0dd2 100755 --- a/hooks/persistence-elastic/dashboard-importer/export-dashboards.sh +++ b/hooks/persistence-elastic/dashboard-importer/export-dashboards.sh @@ -9,7 +9,7 @@ kibanaURL=${1:-"http://localhost:5601"} exportDashboard() { local filename=$1 local id=$2 - curl ${kibanaURL}/api/kibana/dashboards/export?dashboard=${id} > ./dashboards/${filename} + curl ${kibanaURL}/api/kibana/dashboards/export?dashboard=${id} >./dashboards/${filename} } exportDashboard "daily-summary.json" "34c734b0-6e79-11ea-bdc0-35f8aa7c4664" diff --git a/hooks/persistence-elastic/dashboard-importer/import-dashboards.sh b/hooks/persistence-elastic/dashboard-importer/import-dashboards.sh index 3a95a99ee9..dcfd97b54a 100755 --- a/hooks/persistence-elastic/dashboard-importer/import-dashboards.sh +++ b/hooks/persistence-elastic/dashboard-importer/import-dashboards.sh @@ -2,20 +2,20 @@ # # SPDX-License-Identifier: Apache-2.0 - #!/usr/bin/env bash +#!/usr/bin/env bash kibanaURL=${KIBANA_URL:-"http://localhost:5601"} -echo "Waiting until kibana becomes availible" +echo "Waiting until kibana becomes available" until $(curl --output /dev/null --silent --head --fail ${kibanaURL}); do - printf '.' - sleep 5 + printf '.' + sleep 5 done echo "" -echo "Kibana is availible" +echo "Kibana is available" for filename in ./dashboards/*.json; do - echo "Importing dashboard '${filename}'" - curl -i -H "Content-Type: application/json" -H "kbn-xsrf: reporting" -X POST --data @${filename} ${kibanaURL}/api/kibana/dashboards/import - echo -e "\n\n" + echo "Importing dashboard '${filename}'" + curl -i -H "Content-Type: application/json" -H "kbn-xsrf: reporting" -X POST --data @${filename} ${kibanaURL}/api/kibana/dashboards/import + echo -e "\n\n" done diff --git a/operator/Chart.yaml b/operator/Chart.yaml index f567bc71a7..4e08183baf 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -158,7 +158,7 @@ annotations: - name: Homepage url: https://www.securecodebox.io - name: iteratec GmbH - url: https://www.iteratec.com + url: https://www.iteratec.com artifacthub.io/operator: "true" artifacthub.io/operatorCapabilities: Seamless Upgrades artifacthub.io/prerelease: "false" diff --git a/operator/Dockerfile b/operator/Dockerfile index 72f7c054f3..d6ffda77a4 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -27,7 +27,7 @@ RUN CGO_ENABLED=0 go build -a -o manager main.go # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM gcr.io/distroless/static:nonroot -ENV VERSION=unkown +ENV VERSION=unknown ENV TELEMETRY_ENABLED "true" WORKDIR / diff --git a/operator/config/crd/kustomization.yaml b/operator/config/crd/kustomization.yaml index 5f3e625579..d527ecae61 100644 --- a/operator/config/crd/kustomization.yaml +++ b/operator/config/crd/kustomization.yaml @@ -6,12 +6,12 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/execution.securecodebox.io_scans.yaml -- bases/execution.securecodebox.io_scantypes.yaml -- bases/execution.securecodebox.io_parsedefinitions.yaml -- bases/execution.securecodebox.io_scancompletionhooks.yaml -- bases/cascading.securecodebox.io_cascadingrules.yaml -- bases/execution.securecodebox.io_scheduledscans.yaml + - bases/execution.securecodebox.io_scans.yaml + - bases/execution.securecodebox.io_scantypes.yaml + - bases/execution.securecodebox.io_parsedefinitions.yaml + - bases/execution.securecodebox.io_scancompletionhooks.yaml + - bases/cascading.securecodebox.io_cascadingrules.yaml + - bases/execution.securecodebox.io_scheduledscans.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: @@ -37,4 +37,4 @@ patchesStrategicMerge: # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/operator/config/crd/kustomizeconfig.yaml b/operator/config/crd/kustomizeconfig.yaml index b30e04dec3..8dd4fc814a 100644 --- a/operator/config/crd/kustomizeconfig.yaml +++ b/operator/config/crd/kustomizeconfig.yaml @@ -4,20 +4,20 @@ # This file is for teaching kustomize how to substitute name and namespace reference in CRD nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition + - kind: Service version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false varReference: -- path: metadata/annotations + - path: metadata/annotations diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index 47e9f355cb..13dc63b1ea 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -17,9 +17,9 @@ namePrefix: operator- # someName: someValue bases: -- ../crd -- ../rbac -- ../manager + - ../crd + - ../rbac + - ../manager # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml #- ../webhook @@ -29,10 +29,10 @@ bases: #- ../prometheus patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml + # Protect the /metrics endpoint by putting it behind auth. + # If you want your controller-manager to expose the /metrics + # endpoint w/o any authn/z, please comment the following line. + - manager_auth_proxy_patch.yaml # Mount the controller config file for loading manager configurations # through a ComponentConfig type diff --git a/operator/config/default/manager_auth_proxy_patch.yaml b/operator/config/default/manager_auth_proxy_patch.yaml index 9c7ddba2b1..32b43c2942 100644 --- a/operator/config/default/manager_auth_proxy_patch.yaml +++ b/operator/config/default/manager_auth_proxy_patch.yaml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -# This patch inject a sidecar container which is a HTTP proxy for the +# This patch inject a sidecar container which is a HTTP proxy for the # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. apiVersion: apps/v1 kind: Deployment @@ -13,18 +13,18 @@ spec: template: spec: containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=10" - ports: - - containerPort: 8443 - name: https - - name: manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" + - name: kube-rbac-proxy + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=10" + ports: + - containerPort: 8443 + name: https + - name: manager + args: + - "--health-probe-bind-address=:8081" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" diff --git a/operator/config/default/manager_config_patch.yaml b/operator/config/default/manager_config_patch.yaml index b6a879aa46..5e13c8a0e8 100644 --- a/operator/config/default/manager_config_patch.yaml +++ b/operator/config/default/manager_config_patch.yaml @@ -11,14 +11,14 @@ spec: template: spec: containers: - - name: manager - args: - - "--config=controller_manager_config.yaml" - volumeMounts: - - name: manager-config - mountPath: /controller_manager_config.yaml - subPath: controller_manager_config.yaml + - name: manager + args: + - "--config=controller_manager_config.yaml" + volumeMounts: + - name: manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml volumes: - - name: manager-config - configMap: - name: manager-config + - name: manager-config + configMap: + name: manager-config diff --git a/operator/config/manager/kustomization.yaml b/operator/config/manager/kustomization.yaml index c2c33660fb..d455579b11 100644 --- a/operator/config/manager/kustomization.yaml +++ b/operator/config/manager/kustomization.yaml @@ -3,12 +3,12 @@ # SPDX-License-Identifier: Apache-2.0 resources: -- manager.yaml + - manager.yaml generatorOptions: disableNameSuffixHash: true configMapGenerator: -- name: manager-config - files: - - controller_manager_config.yaml + - name: manager-config + files: + - controller_manager_config.yaml diff --git a/operator/config/manager/manager.yaml b/operator/config/manager/manager.yaml index 65a92e0831..99f4b25737 100644 --- a/operator/config/manager/manager.yaml +++ b/operator/config/manager/manager.yaml @@ -29,32 +29,32 @@ spec: securityContext: runAsNonRoot: true containers: - - command: - - /manager - args: - - --leader-elect - image: controller:latest - name: manager - securityContext: - allowPrivilegeEscalation: false - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi + - command: + - /manager + args: + - --leader-elect + image: controller:latest + name: manager + securityContext: + allowPrivilegeEscalation: false + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/operator/config/prometheus/kustomization.yaml b/operator/config/prometheus/kustomization.yaml index aaba225dbd..11af4f65da 100644 --- a/operator/config/prometheus/kustomization.yaml +++ b/operator/config/prometheus/kustomization.yaml @@ -3,4 +3,4 @@ # SPDX-License-Identifier: Apache-2.0 resources: -- monitor.yaml + - monitor.yaml diff --git a/operator/config/rbac/auth_proxy_client_clusterrole.yaml b/operator/config/rbac/auth_proxy_client_clusterrole.yaml index 6d63201ce6..563155ec7f 100644 --- a/operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/operator/config/rbac/auth_proxy_client_clusterrole.yaml @@ -7,7 +7,7 @@ kind: ClusterRole metadata: name: metrics-reader rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get + - nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/operator/config/rbac/auth_proxy_role.yaml b/operator/config/rbac/auth_proxy_role.yaml index 5ec88dcca4..fda97db057 100644 --- a/operator/config/rbac/auth_proxy_role.yaml +++ b/operator/config/rbac/auth_proxy_role.yaml @@ -7,15 +7,15 @@ kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/operator/config/rbac/auth_proxy_role_binding.yaml b/operator/config/rbac/auth_proxy_role_binding.yaml index 1d52aa5c7c..7a3b7242de 100644 --- a/operator/config/rbac/auth_proxy_role_binding.yaml +++ b/operator/config/rbac/auth_proxy_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: proxy-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/operator/config/rbac/auth_proxy_service.yaml b/operator/config/rbac/auth_proxy_service.yaml index 019cc18dc9..dbb1a72b43 100644 --- a/operator/config/rbac/auth_proxy_service.yaml +++ b/operator/config/rbac/auth_proxy_service.yaml @@ -11,8 +11,8 @@ metadata: namespace: system spec: ports: - - name: https - port: 8443 - targetPort: https + - name: https + port: 8443 + targetPort: https selector: control-plane: controller-manager diff --git a/operator/config/rbac/cascadingrule_editor_role.yaml b/operator/config/rbac/cascadingrule_editor_role.yaml index e365d6021e..487dcdb21e 100644 --- a/operator/config/rbac/cascadingrule_editor_role.yaml +++ b/operator/config/rbac/cascadingrule_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: cascadingrule-editor-role rules: -- apiGroups: - - cascading.securecodebox.io - resources: - - cascadingrules - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cascading.securecodebox.io - resources: - - cascadingrules/status - verbs: - - get + - apiGroups: + - cascading.securecodebox.io + resources: + - cascadingrules + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cascading.securecodebox.io + resources: + - cascadingrules/status + verbs: + - get diff --git a/operator/config/rbac/cascadingrule_viewer_role.yaml b/operator/config/rbac/cascadingrule_viewer_role.yaml index f8c5e82949..7723fd6513 100644 --- a/operator/config/rbac/cascadingrule_viewer_role.yaml +++ b/operator/config/rbac/cascadingrule_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: cascadingrule-viewer-role rules: -- apiGroups: - - cascading.securecodebox.io - resources: - - cascadingrules - verbs: - - get - - list - - watch -- apiGroups: - - cascading.securecodebox.io - resources: - - cascadingrules/status - verbs: - - get + - apiGroups: + - cascading.securecodebox.io + resources: + - cascadingrules + verbs: + - get + - list + - watch + - apiGroups: + - cascading.securecodebox.io + resources: + - cascadingrules/status + verbs: + - get diff --git a/operator/config/rbac/kustomization.yaml b/operator/config/rbac/kustomization.yaml index dc31a5d2fb..ce0e1a4157 100644 --- a/operator/config/rbac/kustomization.yaml +++ b/operator/config/rbac/kustomization.yaml @@ -3,20 +3,20 @@ # SPDX-License-Identifier: Apache-2.0 resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. -- service_account.yaml -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml + # All RBAC will be applied under this service account in + # the deployment namespace. You may comment out this resource + # if your manager will use a service account that exists at + # runtime. Be sure to update RoleBinding and ClusterRoleBinding + # subjects if changing service account names. + - service_account.yaml + - role.yaml + - role_binding.yaml + - leader_election_role.yaml + - leader_election_role_binding.yaml + # Comment the following 4 lines if you want to disable + # the auth proxy (https://github.com/brancz/kube-rbac-proxy) + # which protects your /metrics endpoint. + - auth_proxy_service.yaml + - auth_proxy_role.yaml + - auth_proxy_role_binding.yaml + - auth_proxy_client_clusterrole.yaml diff --git a/operator/config/rbac/leader_election_role.yaml b/operator/config/rbac/leader_election_role.yaml index 6efd65a7d3..35ee462bcc 100644 --- a/operator/config/rbac/leader_election_role.yaml +++ b/operator/config/rbac/leader_election_role.yaml @@ -8,34 +8,34 @@ kind: Role metadata: name: leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/operator/config/rbac/leader_election_role_binding.yaml b/operator/config/rbac/leader_election_role_binding.yaml index ddd50b6ca2..87d45b3105 100644 --- a/operator/config/rbac/leader_election_role_binding.yaml +++ b/operator/config/rbac/leader_election_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: Role name: leader-election-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/operator/config/rbac/parsedefinition_editor_role.yaml b/operator/config/rbac/parsedefinition_editor_role.yaml index a6468109ba..e3bbe6ad24 100644 --- a/operator/config/rbac/parsedefinition_editor_role.yaml +++ b/operator/config/rbac/parsedefinition_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: parsedefinition-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions/status + verbs: + - get diff --git a/operator/config/rbac/parsedefinition_viewer_role.yaml b/operator/config/rbac/parsedefinition_viewer_role.yaml index ffd2cb7348..4bc72d0428 100644 --- a/operator/config/rbac/parsedefinition_viewer_role.yaml +++ b/operator/config/rbac/parsedefinition_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: parsedefinition-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions/status + verbs: + - get diff --git a/operator/config/rbac/role_binding.yaml b/operator/config/rbac/role_binding.yaml index aa7e8255ed..2a3c402cee 100644 --- a/operator/config/rbac/role_binding.yaml +++ b/operator/config/rbac/role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: manager-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/operator/config/rbac/scan_editor_role.yaml b/operator/config/rbac/scan_editor_role.yaml index f084311de9..a5e1b07573 100644 --- a/operator/config/rbac/scan_editor_role.yaml +++ b/operator/config/rbac/scan_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scan-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scans - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scans/status + verbs: + - get diff --git a/operator/config/rbac/scan_viewer_role.yaml b/operator/config/rbac/scan_viewer_role.yaml index 5d7ef5bed5..9301ae9b61 100644 --- a/operator/config/rbac/scan_viewer_role.yaml +++ b/operator/config/rbac/scan_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scan-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scans - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scans + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scans/status + verbs: + - get diff --git a/operator/config/rbac/scancompletionhook_editor_role.yaml b/operator/config/rbac/scancompletionhook_editor_role.yaml index b4aeede228..f24ca2b342 100644 --- a/operator/config/rbac/scancompletionhook_editor_role.yaml +++ b/operator/config/rbac/scancompletionhook_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scancompletionhook-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scancompletionhooks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scancompletionhooks/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scancompletionhooks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scancompletionhooks/status + verbs: + - get diff --git a/operator/config/rbac/scancompletionhook_viewer_role.yaml b/operator/config/rbac/scancompletionhook_viewer_role.yaml index 4b2ee56528..5d33eb6c85 100644 --- a/operator/config/rbac/scancompletionhook_viewer_role.yaml +++ b/operator/config/rbac/scancompletionhook_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scancompletionhook-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scancompletionhooks - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scancompletionhooks/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scancompletionhooks + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scancompletionhooks/status + verbs: + - get diff --git a/operator/config/rbac/scantype_editor_role.yaml b/operator/config/rbac/scantype_editor_role.yaml index 3cc7613a67..53ed4ac2b6 100644 --- a/operator/config/rbac/scantype_editor_role.yaml +++ b/operator/config/rbac/scantype_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scantype-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes/status + verbs: + - get diff --git a/operator/config/rbac/scantype_viewer_role.yaml b/operator/config/rbac/scantype_viewer_role.yaml index 917a64bea7..eac6ba3875 100644 --- a/operator/config/rbac/scantype_viewer_role.yaml +++ b/operator/config/rbac/scantype_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scantype-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes/status + verbs: + - get diff --git a/operator/config/rbac/scheduledscan_editor_role.yaml b/operator/config/rbac/scheduledscan_editor_role.yaml index 1f182e57af..2237f02799 100644 --- a/operator/config/rbac/scheduledscan_editor_role.yaml +++ b/operator/config/rbac/scheduledscan_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scheduledscan-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans/status + verbs: + - get diff --git a/operator/config/rbac/scheduledscan_viewer_role.yaml b/operator/config/rbac/scheduledscan_viewer_role.yaml index 3387642230..9772f30875 100644 --- a/operator/config/rbac/scheduledscan_viewer_role.yaml +++ b/operator/config/rbac/scheduledscan_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scheduledscan-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans/status + verbs: + - get diff --git a/operator/controllers/execution/scans/parse_reconciler.go b/operator/controllers/execution/scans/parse_reconciler.go index 418b2e6cc6..5fc7d72b4e 100644 --- a/operator/controllers/execution/scans/parse_reconciler.go +++ b/operator/controllers/execution/scans/parse_reconciler.go @@ -182,7 +182,7 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { parseDefinition.Spec.Volumes..., ) - // Set affinity based on scan, if defined, or parseDefinition if not overriden by scan + // Set affinity based on scan, if defined, or parseDefinition if not overridden by scan if scan.Spec.Affinity != nil { job.Spec.Template.Spec.Affinity = scan.Spec.Affinity } else { diff --git a/operator/controllers/execution/scans/scan_reconciler.go b/operator/controllers/execution/scans/scan_reconciler.go index 3a9990b805..2a7287fe35 100644 --- a/operator/controllers/execution/scans/scan_reconciler.go +++ b/operator/controllers/execution/scans/scan_reconciler.go @@ -185,7 +185,7 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e Spec: *scanType.Spec.JobTemplate.Spec.DeepCopy(), } - //add recommened kubernetes "managed by" label, to tell the SCB container autodiscovery to ignore the scan pod + //add recommend kubernetes "managed by" label, to tell the SCB container autodiscovery to ignore the scan pod podLabels := job.Spec.Template.Labels if podLabels == nil { podLabels = make(map[string]string) diff --git a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml index 364e303db9..4023a1acd2 100644 --- a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml +++ b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml @@ -19,4185 +19,4752 @@ spec: singular: cascadingrule scope: Namespaced versions: - - additionalPrinterColumns: - - description: Which Scanner is started when the CascadingRule applies - jsonPath: .spec.scanSpec.scanType - name: Starts - type: string - - description: Indicates how invasive the Scanner is. Can be either 'invasive' - or 'non-invasive' - jsonPath: .metadata.labels.securecodebox\.io/invasive - name: Invasiveness - type: string - - description: Indicates how much ressource the Scanner consumes. Can be either - 'light' or 'medium' - jsonPath: .metadata.labels.securecodebox\.io/intensive - name: Intensiveness - type: string - name: v1 - schema: - openAPIV3Schema: - description: CascadingRule is the Schema for the cascadingrules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CascadingRuleSpec defines the desired state of CascadingRule - properties: - matches: - description: Matches defines to which findings the CascadingRule should - apply - properties: - anyOf: - items: - description: MatchesRule is a generic map which is used to model - the structure of a finding for which the CascadingRule should - take effect - properties: - attributes: - additionalProperties: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - category: - type: string + - additionalPrinterColumns: + - description: Which Scanner is started when the CascadingRule applies + jsonPath: .spec.scanSpec.scanType + name: Starts + type: string + - description: + Indicates how invasive the Scanner is. Can be either 'invasive' + or 'non-invasive' + jsonPath: .metadata.labels.securecodebox\.io/invasive + name: Invasiveness + type: string + - description: + Indicates how much ressource the Scanner consumes. Can be either + 'light' or 'medium' + jsonPath: .metadata.labels.securecodebox\.io/intensive + name: Intensiveness + type: string + name: v1 + schema: + openAPIV3Schema: + description: CascadingRule is the Schema for the cascadingrules API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CascadingRuleSpec defines the desired state of CascadingRule + properties: + matches: + description: + Matches defines to which findings the CascadingRule should + apply + properties: + anyOf: + items: description: - type: string - location: - type: string - name: - type: string - osi_layer: - type: string - severity: - type: string - type: object - type: array - type: object - scanAnnotations: - additionalProperties: - type: string - description: ScanAnnotations define additional annotations for cascading - scans - type: object - scanLabels: - additionalProperties: - type: string - description: ScanLabels define additional labels for cascading scans - type: object - scanSpec: - description: ScanSpec defines how the cascaded scan should look like - properties: - affinity: - description: 'Affinity allows to specify a node affinity, to control - on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/' - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. + MatchesRule is a generic map which is used to model + the structure of a finding for which the CascadingRule should + take effect properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + attributes: + additionalProperties: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + category: + type: string + description: + type: string + location: + type: string + name: + type: string + osi_layer: + type: string + severity: + type: string + type: object + type: array + type: object + scanAnnotations: + additionalProperties: + type: string + description: + ScanAnnotations define additional annotations for cascading + scans + type: object + scanLabels: + additionalProperties: + type: string + description: ScanLabels define additional labels for cascading scans + type: object + scanSpec: + description: ScanSpec defines how the cascaded scan should look like + properties: + affinity: + description: + "Affinity allows to specify a node affinity, to control + on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" + properties: + nodeAffinity: + description: + Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: + An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: + A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. + type: array + type: object + weight: + description: + Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: + Required. A list of node selector terms. + The terms are ORed. + items: + description: + A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer + type: array + type: object + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to a pod label update), - the system may or may not try to eventually evict the - pod from its node. When there are multiple elements, - the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + type: object + podAffinity: + description: + Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node that - violates one or more of the expressions. The node that - is most preferred is the one with the greatest sum of - weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, the pod - will not be scheduled onto the node. If the anti-affinity - requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod - label update), the system may or may not try to eventually - evict the pod from its node. When there are multiple - elements, the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + required: + - topologyKey + type: object + type: array + type: object + type: object + cascades: + description: + CascadeSpec describes how and when cascading scans + should be generated. + properties: + inheritAffinity: + default: true + description: + InheritAffinity defines whether cascading scans + should inherit affinity from the parent scan. + type: boolean + inheritAnnotations: + default: true + description: + InheritAnnotations defines whether cascading + scans should inherit annotations from the parent scan + type: boolean + inheritEnv: + default: false + description: + InheritEnv defines whether cascading scans should + inherit environment variables from the parent scan + type: boolean + inheritHookSelector: + default: false + description: + InheritHookSelector defines whether cascading + scans should inherit hookSelector from the parent scan. + type: boolean + inheritInitContainers: + default: false + description: + InheritInitContainers defines whether cascading + scans should inherit initContainers from the parent scan. + Usually only useful when combined with inheritVolumes. + type: boolean + inheritLabels: + default: true + description: + InheritLabels defines whether cascading scans + should inherit labels from the parent scan + type: boolean + inheritTolerations: + default: true + description: + InheritTolerations defines whether cascading + scans should inherit tolerations from the parent scan. + type: boolean + inheritVolumes: + default: false + description: + InheritVolumes defines whether cascading scans + should inherit volumes and volume mounts from the parent + scan + type: boolean + matchExpressions: + description: + matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: + values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - cascades: - description: CascadeSpec describes how and when cascading scans - should be generated. - properties: - inheritAffinity: - default: true - description: InheritAffinity defines whether cascading scans - should inherit affinity from the parent scan. - type: boolean - inheritAnnotations: - default: true - description: InheritAnnotations defines whether cascading - scans should inherit annotations from the parent scan - type: boolean - inheritEnv: - default: false - description: InheritEnv defines whether cascading scans should - inherit environment variables from the parent scan - type: boolean - inheritHookSelector: - default: false - description: InheritHookSelector defines whether cascading - scans should inherit hookSelector from the parent scan. - type: boolean - inheritInitContainers: - default: false - description: InheritInitContainers defines whether cascading - scans should inherit initContainers from the parent scan. - Usually only useful when combined with inheritVolumes. - type: boolean - inheritLabels: - default: true - description: InheritLabels defines whether cascading scans - should inherit labels from the parent scan - type: boolean - inheritTolerations: - default: true - description: InheritTolerations defines whether cascading - scans should inherit tolerations from the parent scan. - type: boolean - inheritVolumes: - default: false - description: InheritVolumes defines whether cascading scans - should inherit volumes and volume mounts from the parent - scan - type: boolean - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + scopeLimiter: + description: + InheritLabels defines whether cascading scans + should inherit labels from the parent scan properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + allOf: + description: + AllOf is a list of label selector requirements. + The requirements are ANDed. items: - type: string + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + anyOf: + description: + AnyOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + noneOf: + description: + NoneOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object type: array - required: - - key - - operator + validOnMissingRender: + default: false + description: + ValidOnMissingRender defines whether if a + templating variable is not present, that condition should + match + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - scopeLimiter: - description: InheritLabels defines whether cascading scans - should inherit labels from the parent scan + type: object + env: + description: + Env allows to specify environment vars for the scanner + container. These will be merged will the env vars specified + for the first container of the pod defined in the ScanType + items: + description: + EnvVar represents an environment variable present + in a Container. properties: - allOf: - description: AllOf is a list of label selector requirements. - The requirements are ANDed. - items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. - type: string - values: - description: values is an array of string values. - items: + name: + description: + Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. type: string - type: array - required: - - key - - operator - - values - type: object - type: array - anyOf: - description: AnyOf is a list of label selector requirements. - The requirements are ANDed. - items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. - type: string - values: - description: values is an array of string values. - items: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - type: array - required: + optional: + description: + Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret in the pod's + namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hookSelector: + description: + HookSelector allows to specify a LabelSelector with + which the hooks are selected. + properties: + matchExpressions: + description: + matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: + values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: - key - operator - - values - type: object + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + initContainers: + description: + InitContainers allows to specify init containers + for the scan container, to pre-load data into them. + items: + description: + A single application container that you want to + run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string type: array - noneOf: - description: NoneOf is a list of label selector requirements. - The requirements are ANDed. + command: + description: + 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. - type: string - values: - description: values is an array of string values. - items: - type: string - type: array - required: - - key - - operator - - values - type: object + type: string type: array - validOnMissingRender: - default: false - description: ValidOnMissingRender defines whether if a - templating variable is not present, that condition should - match - type: boolean - type: object - type: object - env: - description: Env allows to specify environment vars for the scanner - container. These will be merged will the env vars specified - for the first container of the pod defined in the ScanType - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. If - a variable cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + env: + description: + List of environment variables to set in the + container. Cannot be updated. + items: + description: + EnvVar represents an environment variable + present in a Container. properties: - key: - description: The key to select. - type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + description: + Name of the environment variable. Must + be a C_IDENTIFIER. type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' + value: + description: + 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' type: string + valueFrom: + description: + Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: required for + volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret in the + pod's namespace + properties: + key: + description: + The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object required: - - resource + - name type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + type: array + envFrom: + description: + List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the source of a + set of ConfigMaps properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: + An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret must be + defined + type: boolean + type: object type: object - type: object - required: - - name - type: object - type: array - hookSelector: - description: HookSelector allows to specify a LabelSelector with - which the hooks are selected. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - type: object - initContainers: - description: InitContainers allows to specify init containers - for the scan container, to pre-load data into them. - items: - description: A single application container that you want to - run within a pod. - properties: - args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot - be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + type: array + image: + description: + "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets." type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not - provided. Variable references $(VAR_NAME) are expanded - using the container''s environment. If a variable cannot - be resolved, the reference in the input string will be - unchanged. Double $$ are reduced to a single $, which - allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: string - type: array - env: - description: List of environment variables to set in the - container. Cannot be updated. - items: - description: EnvVar represents an environment variable - present in a Container. + lifecycle: + description: + Actions that the management system should take + in response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + postStart: + description: + "PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. properties: - key: - description: The key to select. + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod's termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod's termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: + HTTPGet specifies the http request + to perform. properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - divisor: + port: anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must - be a C_IDENTIFIER. All invalid keys will be reported as - an event when the container is starting. When a key exists - in multiple sources, the value associated with the last - source will take precedence. Values defined by an Env - with a duplicate key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a - set of ConfigMaps + livenessProbe: + description: + "Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to prepend to - each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according to - its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a - container is terminated due to an API request or management - event such as liveness/startup probe failure, preemption, - resource contention, etc. The handler is not called - if the container crashes or exits. The Pod''s termination - grace period countdown begins before the PreStop hook - is executed. Regardless of the outcome of the handler, - the container will eventually terminate within the - Pod''s termination grace period (unless delayed by - finalizers). Other management of the container blocks - until the hook completes or until the termination - grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: + List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but is + primarily informational. Not specifying a port here DOES + NOT prevent that port from being exposed. Any port which + is listening on the default "0.0.0.0" address inside a + container will be accessible from the network. Cannot + be updated. + items: + description: + ContainerPort represents a network port in + a single container. properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. + containerPort: + description: + Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. format: int32 type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + hostIP: + description: + What host IP to bind the external port + to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + hostPort: + description: + Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: + If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' + protocol: + default: TCP + description: + Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. - Exposing a port here gives the system additional information - about the network connections a container uses, but is - primarily informational. Not specifying a port here DOES - NOT prevent that port from being exposed. Any port which - is listening on the default "0.0.0.0" address inside a - container will be accessible from the network. Cannot - be updated. - items: - description: ContainerPort represents a network port in - a single container. + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - containerPort: - description: Number of port to expose on the pod's - IP address. This must be a valid port number, 0 - < x < 65536. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. format: int32 type: integer - hostIP: - description: What host IP to bind the external port - to. - type: string - hostPort: - description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, this - must match ContainerPort. Most containers do not - need this. - format: int32 + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a - pod must have a unique name. Name for the port that - can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the - probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + limits: + additionalProperties: anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: + description: + "Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - securityContext: - description: 'SecurityContext defines the security options - the container should be run with. If set, the fields of - SecurityContext override the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent - process. This bool directly controls if the no_new_privs - flag will be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be - set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. Note that this field - cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + description: + "Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: + Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: + procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: + Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: + Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. Note that - this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount - to use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that this - field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set - when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as - a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not run - as UID 0 (root) and fail to start the container if - it does. If unset or false, no such validation will - be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the - container. If unspecified, the container runtime will - allocate a random SELinux context for each container. May - also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is - windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & - container level, the container options override the - pod options. Note that this field cannot be set when - spec.os.name is windows. + type: + description: + Type is a SELinux type label that applies + to the container. + type: string + user: + description: + User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must only be set if type is "Localhost". + type: string + type: + description: + "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: + HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the + Pod. All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod's lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file to which + the container's termination message will be written is + mounted into the container's filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block devices + to be used by the container. + items: + description: + volumeDevice describes a mapping of a raw + block device within a container. properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative to - the kubelet's configured seccomp profile location. - Must only be set if type is "Localhost". + devicePath: + description: + devicePath is the path inside of the + container that the device will be mapped to. type: string - type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: \n - Localhost - a profile defined in a file on the - node should be used. RuntimeDefault - the container - runtime default profile should be used. Unconfined - - no profile should be applied." + name: + description: + name must match the name of a persistentVolumeClaim + in the pod type: string required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied to - all containers. If unspecified, the options from the - PodSecurityContext will be used. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set - when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec - named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. This - field is alpha-level and will only be honored - by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature - flag will result in errors when validating the - Pod. All of a Pod's containers must have the same - effective HostProcess value (it is not allowed - to have a mix of HostProcess containers and non-HostProcess - containers). In addition, if HostProcess is true - then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. Defaults - to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed - until this completes successfully. If this probe fails, - the Pod will be restarted, just as if the livenessProbe - failed. This can be used to provide different probe parameters - at the beginning of a Pod''s lifecycle, when it might - take a long time to load data or warm a cache, than during - steady-state operation. This cannot be updated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array + - devicePath + - name type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: + VolumeMount describes a mounting of a Volume + within a container. properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + mountPath: + description: + Path within the container at which the + volume should be mounted. Must not contain ':'. type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + mountPropagation: + description: + mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + name: + description: This must match the Name of a Volume. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + readOnly: + description: + Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' + subPathExpr: + description: + Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - mountPath + - name type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, - reads from stdin in the container will always result in - EOF. Default is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce is - set to true, stdin is opened on container start, is empty - until the first client attaches to stdin, and then remains - open and accepts data until the client disconnects, at - which time stdin is closed and remains closed until the - container is restarted. If this flag is false, a container - processes that reads from stdin will never receive an - EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which - the container''s termination message will be written is - mounted into the container''s filesystem. Message written - is intended to be brief final status, such as an assertion - failure message. Will be truncated by the node if greater - than 4096 bytes. The total message length across all containers - will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last chunk - of container log output if the termination message file - is empty and the container exited with an error. The log - output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY - for itself, also requires 'stdin' to be true. Default - is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices - to be used by the container. - items: - description: volumeDevice describes a mapping of a raw - block device within a container. - properties: - devicePath: - description: devicePath is the path inside of the - container that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: Path within the container at which the - volume should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and the - other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. + type: array + workingDir: + description: + Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + parameters: + description: All CLI parameters to configure the scan container. + items: + type: string + type: array + scanType: + description: The name of the scanType which should be started. + type: string + tolerations: + description: + Tolerations are a different way to control on which + nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: + The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: + Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: + Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + volumeMounts: + description: + VolumeMounts allows to specify volume mounts for + the scan container. + items: + description: + VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: + Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows to specify volumes for the scan container. + items: + description: + Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet's host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string + partition: + description: + 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to false. + description: + "readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: boolean - subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults to - "" (volume's root). + volumeID: + description: + "volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: string + required: + - volumeID + type: object + azureDisk: + description: + azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: + "cachingMode is the Host Caching mode: + None, Read Only, Read Write." + type: string + diskName: + description: + diskName is the Name of the data disk in + the blob storage + type: string + diskURI: + description: + diskURI is the URI of data disk in the + blob storage type: string - subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + fsType: + description: + fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. type: string + kind: + description: + "kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared" + type: string + readOnly: + description: + readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean required: - - mountPath - - name + - diskName + - diskURI type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - parameters: - description: All CLI parameters to configure the scan container. - items: - type: string - type: array - scanType: - description: The name of the scanType which should be started. - type: string - tolerations: - description: Tolerations are a different way to control on which - nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - volumeMounts: - description: VolumeMounts allows to specify volume mounts for - the scan container. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows to specify volumes for the scan container. - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default is - to mount by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the volume - partition for /dev/sda is "0" (or you can leave the - property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in - the blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the - blob storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host - that shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: + azureFile: + description: + azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: + secretName is the name of secret that + contains Azure Storage Account Name and Key type: string - type: array - path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is - empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - user: - description: 'user is optional: User is the rados user - name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: + cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: type: string - type: object - volumeID: - description: 'volumeID used to identify the volume in - cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should - populate this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair - in the Data field of the referenced ConfigMap will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If a - key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within a - volume. + type: array + path: + description: + "path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. If not specified, the volume - defaultMode will be used. This might be in conflict - with other options that affect the file mode, - like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + type: object + user: + description: + "user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - required: - - key - - path type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). - properties: - driver: - description: driver is the name of the CSI driver that - handles this volume. Consult with your admin for the - correct name as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all secret - references are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: + volumeID: + description: + "volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the - pod that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume - file + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field + description: + items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: + driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all secret + references are passed. properties: - fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must not - be absolute or contain the ''..'' path. Must - be utf-8 encoded. The first item of the relative - path must not start with ''..''' + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path type: object - type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The maximum - usage on memory medium EmptyDir would be the minimum - value between the SizeLimit specified here and the - sum of memory limits of all containers in a pod. The - default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is - tied to the pod that defines it - it will be created before - the pod starts, and deleted when the pod is removed. \n - Use this if: a) the volume is only needed while the pod - runs, b) features of normal volumes like restoring from - snapshot or capacity tracking are needed, c) the storage - driver is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning through - \ a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that persist - for longer than the lifecycle of an individual pod. \n - Use CSI for light-weight local ephemeral volumes if the - CSI driver is meant to be used that way - see the documentation - of the driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes at the - same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC - to provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the - PVC will be deleted together with the pod. The name - of the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the pod if - the concatenated name is not valid for a PVC (for - example, too long). \n An existing PVC with that name - that is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by mistake. - Starting the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is meant - to be used by the pod, the PVC has to updated with - an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may - be useful when manually reconstructing a broken cluster. - \n This field is read-only and no changes will be - made by Kubernetes to the PVC after it has been created. - \n Required, must not be nil." - properties: - metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be rejected - during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the - PVC that gets created from this template. The - same fields as in a PersistentVolumeClaim are - also valid here. + readOnly: + description: + readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: + volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: + "Optional: mode bits to use on created + files by default. Must be a Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + items: + description: + Items is a list of downward API volume + file + items: + description: + DownwardAPIVolumeFile represents information + to create the file containing the pod field properties: - accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to - specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. If the AnyVolumeDataSource - feature gate is enabled, this field will always - have the same contents as the DataSourceRef - field.' + fieldRef: + description: + "Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported." properties: - apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other - third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource - being referenced + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". type: string - name: - description: Name is the name of resource - being referenced + fieldPath: + description: + Path of the field to select in + the specified API version. type: string required: - - kind - - name + - fieldPath type: object - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, - if a non-empty volume is desired. This may - be any local object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of the - specified object matches some installed volume - populator or dynamic provisioner. This field - will replace the functionality of the DataSource - field and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, both fields (DataSource and - DataSourceRef) will be set to the same value - automatically if one of them is empty and - the other is non-empty. There are two important - differences between DataSource and DataSourceRef: - * While DataSource only allows two specific - types of objects, DataSourceRef allows any - non-core object, as well as PersistentVolumeClaim - objects. * While DataSource ignores disallowed - values (dropping them), DataSourceRef preserves - all values, and generates an error if a disallowed - value is specified. (Beta) Using this field - requires the AnyVolumeDataSource feature gate - to be enabled.' + mode: + description: + "Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the '..' path. Must + be utf-8 encoded. The first item of the relative + path must not start with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported." properties: - apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other - third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource - being referenced - type: string - name: - description: Name is the name of resource - being referenced + containerName: + description: + "Container name: required for + volumes, optional for env vars" type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than - previous value but must still be higher than - capacity recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: + divisor: + anyOf: - type: integer - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label query over - volumes to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource type: object - storageClassName: - description: 'storageClassName is the name of - the StorageClass required by the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of - volume is required by the claim. Value of - Filesystem is implied when not included in - claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string + required: + - path type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. TODO: how do we prevent - errors in the filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs - and lun must be set, but not both simultaneously.' - items: - type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use - for this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". The default filesystem - depends on FlexVolume script. - type: string - options: - additionalProperties: + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary directory + that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string - description: 'options is Optional: this field holds - extra command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if - no secret object is specified. If the secret object - contains more than one secret, all secrets are passed - to the plugin scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default is - to mount by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the volume - partition for /dev/sda is "0" (or you can leave the - property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an - InitContainer that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' - properties: - directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is supplied, - the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. Defaults - to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or - directory on the host machine that is directly exposed - to the container. This is generally used for system agents - or other privileged things that are allowed to see the - host machine. Most containers will NOT need this. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' - properties: - path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that - is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that - uses an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports 860 - and 3260). - items: - type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target Portal. The - Portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and - 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and - unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that - shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of - the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to - mount Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx - volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set - permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode bits. - Directories within the path are not affected by this - setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections - items: - description: Projection that may be projected along - with other supported volume types + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The maximum + usage on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and the + sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is + tied to the pod that defines it - it will be created before + the pod starts, and deleted when the pod is removed. \n + Use this if: a) the volume is only needed while the pod + runs, b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the storage + driver is specified through a storage class, and d) the + storage driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this + volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n + Use CSI for light-weight local ephemeral volumes if the + CSI driver is meant to be used that way - see the documentation + of the driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes at the + same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the + PVC will be deleted together with the pod. The name + of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if + the concatenated name is not valid for a PVC (for + example, too long). \n An existing PVC with that name + that is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated + PVC is removed. If such a pre-created PVC is meant + to be used by the pod, the PVC has to updated with + an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may + be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be + made by Kubernetes to the PVC after it has been created. + \n Required, must not be nil." properties: - configMap: - description: configMap information about the configMap - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced - ConfigMap will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. Paths - must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. If not - specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the - file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path - of the file to map the key to. May - not be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: optional specify whether the - ConfigMap or its keys must be defined - type: boolean + metadata: + description: + May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be rejected + during validation. type: object - downwardAPI: - description: downwardAPI information about the - downwardAPI data to project + spec: + description: + The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The + same fields as in a PersistentVolumeClaim are + also valid here. properties: - items: - description: Items is a list of DownwardAPIVolume - file + accessModes: + description: + "accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used - to set permissions on this file, must - be an octal value between 0000 and - 0777 or a decimal value between 0 - and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, - like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 - encoded. The first item of the relative - path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' + type: string + type: array + dataSource: + description: + "dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. If the AnyVolumeDataSource + feature gate is enabled, this field will always + have the same contents as the DataSourceRef + field." + properties: + apiGroup: + description: + APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: + Kind is the type of resource + being referenced + type: string + name: + description: + Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may + be any local object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume + binding will only succeed if the type of the + specified object matches some installed volume + populator or dynamic provisioner. This field + will replace the functionality of the DataSource + field and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource and + DataSourceRef) will be set to the same value + automatically if one of them is empty and + the other is non-empty. There are two important + differences between DataSource and DataSourceRef: + * While DataSource only allows two specific + types of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. (Beta) Using this field + requires the AnyVolumeDataSource feature gate + to be enabled." + properties: + apiGroup: + description: + APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: + Kind is the type of resource + being referenced + type: string + name: + description: + Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than + previous value but must still be higher than + capacity recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. properties: - containerName: - description: 'Container name: required - for volumes, optional for env - vars' + key: + description: + key is the label key + that the selector applies to. type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array required: - - resource + - key + - operator type: object - required: - - path - type: object - type: array - type: object - secret: - description: secret information about the secret - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the Secret, the volume setup will error - unless it is marked optional. Paths must - be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. If not - specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the - file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path - of the file to map the key to. May - not be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + type: array + matchLabels: + additionalProperties: type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: string - optional: - description: optional field specify whether - the Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience defaults - to the identifier of the apiserver. + volumeMode: + description: + volumeMode defines what type of + volume is required by the claim. Value of + Filesystem is implied when not included in + claim spec. type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The kubelet - will start trying to rotate the token if - the token is older than 80 percent of its - time to live or if the token is older than - 24 hours.Defaults to 1 hour and must be - at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to - the mount point of the file to project the - token into. + volumeName: + description: + volumeName is the binding reference + to the PersistentVolume backing this claim. type: string - required: - - path type: object + required: + - spec type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is - no group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults - to false. - type: boolean - registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string as - host:port pair (multiple entries are separated with - commas) which acts as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned Quobyte - volumes, value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to - serivceaccount user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: + type: object + fc: + description: + fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: + 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' type: string - type: array - pool: - description: 'pool is the rados pool name. Default is - rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + lun: + description: "lun is Optional: FC target lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC target worldwide + names (WWNs)" + items: type: string - type: object - user: - description: 'user is the rados user name. Default is - admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If this - is not provided, Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + type: array + wwids: + description: + "wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously." + items: type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. - type: string - system: - description: system is the name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair - in the Data field of the referenced Secret will be - projected into the volume as a file whose name is - the key and content is the value. If specified, the - listed keys will be projected into the specified paths, - and unlisted keys will not be present. If a key is - specified which is not present in the Secret, the - volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within a - volume. + type: array + type: object + flexVolume: + description: + flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver to use + for this volume. + type: string + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: + "options is Optional: this field holds + extra command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts." properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. If not specified, the volume - defaultMode will be used. This might be in conflict - with other options that affect the file mode, - like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: + datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: + datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet's host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an + InitContainer that clones the repo using git, then mount + the EmptyDir into the Pod's container." + properties: + directory: + description: + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs mount on + the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing file or + directory on the host machine that is directly exposed + to the container. This is generally used for system agents + or other privileged things that are allowed to see the + host machine. Most containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write." + properties: + path: + description: + "path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk resource that + is attached to a kubelet's host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 + and 3260). + items: + type: string + type: array + readOnly: + description: + readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - required: - - key - - path type: object - type: array - optional: - description: optional field specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in - the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for - obtaining the StorageOS API credentials. If not specified, - default values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + targetPortal: + description: + targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and + 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: + "name of the volume. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on the host that + shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + properties: + path: + description: + "path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + readOnly: + description: + "readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: string + readOnly: + description: + readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: + pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: + portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: + fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: + volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: + projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: + defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: + Projection that may be projected along + with other supported volume types + properties: + configMap: + description: + configMap information about the configMap + data to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + downwardAPI: + description: + downwardAPI information about the + downwardAPI data to project + properties: + items: + description: + Items is a list of DownwardAPIVolume + file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the '..' path. Must be utf-8 + encoded. The first item of the relative + path must not start with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: required + for volumes, optional for env + vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: + secret information about the secret + data to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: + audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if + the token is older than 80 percent of its + time to live or if the token is older than + 24 hours.Defaults to 1 hour and must be + at least 10 minutes. + format: int64 + type: integer + path: + description: + path is the path relative to + the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: + group to map volume access to Default is + no group + type: string + readOnly: + description: + readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults + to false. + type: boolean + registry: + description: + registry represents a single or multiple + Quobyte Registry services specified as a string as + host:port pair (multiple entries are separated with + commas) which acts as the central registry for volumes + type: string + tenant: + description: + tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: + user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: + volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device mount + on the host that shares a pod's lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: + "image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: type: string - type: object - volumeName: - description: volumeName is the human-readable name of - the StorageOS volume. Volume names are only unique - within a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows - the Kubernetes name scoping to be mirrored within - StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. - type: string - volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - type: object - required: - - matches - - scanSpec - type: object - status: - description: CascadingRuleStatus defines the observed state of CascadingRule - type: object - type: object - served: true - storage: true - subresources: {} + type: array + pool: + description: + "pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + user: + description: + "user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: + readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the secret for + ScaleIO user and other sensitive information. If this + is not provided, Login operation will fail. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + sslEnabled: + description: + sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: + storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: + system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + items: + description: + items If unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of the secret in + the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + volumeName: + description: + volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: + volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + required: + - matches + - scanSpec + type: object + status: + description: CascadingRuleStatus defines the observed state of CascadingRule + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" diff --git a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml index 2122031446..4d0cf5c056 100644 --- a/operator/crds/execution.securecodebox.io_parsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml @@ -19,2571 +19,2934 @@ spec: singular: parsedefinition scope: Namespaced versions: - - additionalPrinterColumns: - - description: Scanner Container Image - jsonPath: .spec.image - name: Image - type: string - name: v1 - schema: - openAPIV3Schema: - description: ParseDefinition is the Schema for the parsedefinitions API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ParseDefinitionSpec defines the desired state of ParseDefinition - properties: - affinity: - description: 'Affinity allows to specify a node affinity, to control - on which nodes you want a parser to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/' - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the - pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). - properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + - additionalPrinterColumns: + - description: Scanner Container Image + jsonPath: .spec.image + name: Image + type: string + name: v1 + schema: + openAPIV3Schema: + description: ParseDefinition is the Schema for the parsedefinitions API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ParseDefinitionSpec defines the desired state of ParseDefinition + properties: + affinity: + description: + "Affinity allows to specify a node affinity, to control + on which nodes you want a parser to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" + properties: + nodeAffinity: + description: + Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: + An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: + A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. + type: array + type: object + weight: + description: + Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: + Required. A list of node selector terms. + The terms are ORed. + items: + description: + A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer + type: array + type: object + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + podAffinity: + description: + Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string - type: array - required: - - key - - operator + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - env: - description: Env allows to specify environment vars for the parser - container. - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using - the previously defined environment variables in the container - and any service environment variables. If a variable cannot - be resolved, the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the - string literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists or - not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot - be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath is - written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the exposed - resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - image: - description: Image is the reference to the parser container image - which ca transform the raw scan report into findings - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - imagePullSecrets: - description: ImagePullSecrets used to access private parser images - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - scopeLimiterAliases: - additionalProperties: - type: string - type: object - tolerations: - description: Tolerations are a different way to control on which nodes - your parser is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - ttlSecondsAfterFinished: - description: TTLSecondsAfterFinished configures the ttlSecondsAfterFinished - field for the created parse job - format: int32 - nullable: true - type: integer - volumeMounts: - description: VolumeMounts allows to specify volume mounts for the - parser container. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When - not set, MountPropagationNone is used. This field is beta - in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the - container's volume should be mounted. Behaves similarly to - SubPath but environment variable references $(VAR_NAME) are - expanded using the container's environment. Defaults to "" - (volume's root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows to specify volumes for the parser container. - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent disk - resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: None, - Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in the - blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the blob - storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed data - disk (only in managed availability set). defaults to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that contains - Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'path is Optional: Used as the mounted root, - rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is the - path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached and - mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeID: - description: 'volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the ConfigMap, the volume setup will error unless it is - marked optional. Paths must be relative and may not contain - the '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - csi: - description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). - properties: - driver: - description: driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated - CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to the - secret object containing sensitive information to pass - to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the secret - object contains more than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: volumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a Optional: mode bits used to set - permissions on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are - supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string required: - - fieldPath + - topologyKey type: object - mode: - description: 'Optional: mode bits used to set permissions - on this file, must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set.' + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. format: int32 type: integer - path: - description: 'Required: Path is the relative path - name of the file to be created. Must not be absolute - or contain the ''..'' path. Must be utf-8 encoded. - The first item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object required: - - path + - podAffinityTerm + - weight type: object type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory that - shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the - SizeLimit specified here and the sum of memory limits - of all containers in a pod. The default is nil which means - that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is tied - to the pod that defines it - it will be created before the - pod starts, and deleted when the pod is removed. \n Use this - if: a) the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or capacity - \ tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver supports - dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on the - connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. \n A - pod can use both types of ephemeral volumes and persistent - volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC - will be deleted together with the pod. The name of the - PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). \n - An existing PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC - is meant to be used by the pod, the PVC has to updated - with an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may be useful - when manually reconstructing a broken cluster. \n This - field is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, must - not be nil." - properties: - metadata: - description: May contain labels and annotations that - will be copied into the PVC when creating it. No other - fields are allowed and will be rejected during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. - properties: - accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified - data source. If the AnyVolumeDataSource feature - gate is enabled, this field will always have the - same contents as the DataSourceRef field.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, if - a non-empty volume is desired. This may be any - local object from a non-empty API group (non core - object) or a PersistentVolumeClaim object. When - this field is specified, volume binding will only - succeed if the type of the specified object matches - some installed volume populator or dynamic provisioner. - This field will replace the functionality of the - DataSource field and as such if both fields are - non-empty, they must have the same value. For - backwards compatibility, both fields (DataSource - and DataSourceRef) will be set to the same value - automatically if one of them is empty and the - other is non-empty. There are two important differences - between DataSource and DataSourceRef: * While - DataSource only allows two specific types of objects, - DataSourceRef allows any non-core object, as - well as PersistentVolumeClaim objects. * While - DataSource ignores disallowed values (dropping - them), DataSourceRef preserves all values, and - generates an error if a disallowed value is specified. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label query over volumes - to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string - type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that is - attached to a kubelet's host machine and then exposed to the - pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: - type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use for - this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends - on FlexVolume script. - type: string - options: - additionalProperties: - type: string - description: 'options is Optional: this field holds extra - command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the plugin - scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored as - metadata -> name on the dataset for Flocker should be - considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: directory is the target directory name. Must - not contain or start with '..'. If '.' is supplied, the - volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to - false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the host. If the - path is a symlink, it will follow the link to the real - path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to - the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support iSCSI - Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support iSCSI - Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that uses - an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. The - portal is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and 3260). - items: - type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target Portal. The Portal - is either an IP or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export to - be mounted with read-only permissions. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents a - reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting in - VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions - on created files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path are - not affected by this setting. This might be in conflict - with other options that affect the file mode, like fsGroup, - and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. items: - description: Projection that may be projected along with - other supported volume types + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running properties: - configMap: - description: configMap information about the configMap - data to project + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. items: - description: Maps a string key to a path within - a volume. + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. properties: key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: + key is the label key that the + selector applies to. type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - downwardAPI: - description: downwardAPI information about the downwardAPI - data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array required: - - path + - key + - operator type: object type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object type: object - secret: - description: secret information about the secret data - to project + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. items: - description: Maps a string key to a path within - a volume. + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. properties: key: - description: key is the key to project. + description: + key is the label key that the + selector applies to. type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array required: - - key - - path + - key + - operator type: object type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional field specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is information about - the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, the - kubelet volume plugin will proactively rotate - the service account token. The kubelet will - start trying to rotate the token if the token - is older than 80 percent of its time to live - or if the token is older than 24 hours.Defaults - to 1 hour and must be at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to the - mount point of the file to project the token - into. - type: string - required: - - path + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey type: object type: array type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is no - group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults to - false. - type: boolean - registry: - description: registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: - type: string - type: array - pool: - description: 'pool is the rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is - nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is the rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: system is the name of the storage system as - configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the Secret, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. + type: object + env: + description: + Env allows to specify environment vars for the parser + container. + items: + description: + EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" type: string + optional: + description: + Specify whether the ConfigMap or its key + must be defined + type: boolean required: - - key - - path + - key type: object - type: array - optional: - description: optional field specify whether the Secret or - its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the - pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeName: - description: volumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within - a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of the - volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS - for tighter integration. Set VolumeName to any name to - override the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage Policy Based - Management (SPBM) profile name. - type: string - volumePath: - description: volumePath is the path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name + fieldRef: + description: + "Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: + Image is the reference to the parser container image + which ca transform the raw scan report into findings + type: string + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + type: string + imagePullSecrets: + description: ImagePullSecrets used to access private parser images + items: + description: + LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + type: array + scopeLimiterAliases: + additionalProperties: + type: string type: object - type: array - type: object - status: - description: ParseDefinitionStatus defines the observed state of ParseDefinition - type: object - type: object - served: true - storage: true - subresources: {} + tolerations: + description: + Tolerations are a different way to control on which nodes + your parser is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: + The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: + Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: + Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + ttlSecondsAfterFinished: + description: + TTLSecondsAfterFinished configures the ttlSecondsAfterFinished + field for the created parse job + format: int32 + nullable: true + type: integer + volumeMounts: + description: + VolumeMounts allows to specify volume mounts for the + parser container. + items: + description: + VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: + Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows to specify volumes for the parser container. + items: + description: + Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: + "readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: boolean + volumeID: + description: + "volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: string + required: + - volumeID + type: object + azureDisk: + description: + azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: + "cachingMode is the Host Caching mode: None, + Read Only, Read Write." + type: string + diskName: + description: + diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: + diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: + fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: + "kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared" + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: + azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: + secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: + cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: + type: string + type: array + path: + description: + "path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + user: + description: + "user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + volumeID: + description: + "volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: string + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: + driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + readOnly: + description: + readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: + volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: + "Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: + DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: + "Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the '..' path. Must be utf-8 encoded. + The first item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary directory that + shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver supports + dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the + connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight local ephemeral + volumes if the CSI driver is meant to be used that way - see + the documentation of the driver for more information. \n A + pod can use both types of ephemeral volumes and persistent + volumes at the same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: + May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: + The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: + "accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: string + type: array + dataSource: + description: + "dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. If the AnyVolumeDataSource feature + gate is enabled, this field will always have the + same contents as the DataSourceRef field." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + local object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will only + succeed if the type of the specified object matches + some installed volume populator or dynamic provisioner. + This field will replace the functionality of the + DataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. There are two important differences + between DataSource and DataSourceRef: * While + DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as + well as PersistentVolumeClaim objects. * While + DataSource ignores disallowed values (dropping + them), DataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: string + volumeMode: + description: + volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: + volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: + fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: "lun is Optional: FC target lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC target worldwide + names (WWNs)" + items: + type: string + type: array + wwids: + description: + "wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously." + items: + type: string + type: array + type: object + flexVolume: + description: + flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver to use for + this volume. + type: string + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: + "options is Optional: this field holds extra + command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: + datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: + datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod's container." + properties: + directory: + description: + directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write." + properties: + path: + description: + "path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk resource that is + attached to a kubelet's host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: + readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + targetPortal: + description: + targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: + "name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on the host that shares + a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + properties: + path: + description: + "path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + readOnly: + description: + "readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: string + readOnly: + description: + readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: + pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: + portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: + projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: + defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: + Projection that may be projected along with + other supported volume types + properties: + configMap: + description: + configMap information about the configMap + data to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: + Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + downwardAPI: + description: + downwardAPI information about the downwardAPI + data to project + properties: + items: + description: + Items is a list of DownwardAPIVolume + file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the '..' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported." + properties: + containerName: + description: + "Container name: required + for volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource to + select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: + secret information about the secret data + to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: + audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: + path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: + group to map volume access to Default is no + group + type: string + readOnly: + description: + readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: + registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: + tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: + user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: + volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: + "image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: + type: string + type: array + pool: + description: + "pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + user: + description: + "user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + sslEnabled: + description: + sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: + storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: + system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of the secret in the + pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + volumeName: + description: + volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: + volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + status: + description: ParseDefinitionStatus defines the observed state of ParseDefinition + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" diff --git a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml index 53a8028840..4bd1cd635b 100644 --- a/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml @@ -19,2596 +19,2963 @@ spec: singular: scancompletionhook scope: Namespaced versions: - - additionalPrinterColumns: - - description: ScanCompletionHook Type - jsonPath: .spec.type - name: Type - type: string - - description: ScanCompletionHook Priority - jsonPath: .spec.priority - name: Priority - type: string - - description: ScanCompletionHook Image - jsonPath: .spec.image - name: Image - type: string - name: v1 - schema: - openAPIV3Schema: - description: ScanCompletionHook is the Schema for the ScanCompletionHooks - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ScanCompletionHookSpec defines the desired state of ScanCompletionHook - properties: - affinity: - description: 'Affinity allows to specify a node affinity, to control - on which nodes you want a hook to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/' - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the - pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). - properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + - additionalPrinterColumns: + - description: ScanCompletionHook Type + jsonPath: .spec.type + name: Type + type: string + - description: ScanCompletionHook Priority + jsonPath: .spec.priority + name: Priority + type: string + - description: ScanCompletionHook Image + jsonPath: .spec.image + name: Image + type: string + name: v1 + schema: + openAPIV3Schema: + description: + ScanCompletionHook is the Schema for the ScanCompletionHooks + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ScanCompletionHookSpec defines the desired state of ScanCompletionHook + properties: + affinity: + description: + "Affinity allows to specify a node affinity, to control + on which nodes you want a hook to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" + properties: + nodeAffinity: + description: + Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: + An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: + A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. + type: array + type: object + weight: + description: + Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: + Required. A list of node selector terms. + The terms are ORed. + items: + description: + A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer + type: array + type: object + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + podAffinity: + description: + Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string - type: array - required: - - key - - operator + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - env: - description: Env allows to specify environment vars for the hooks - container. - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using - the previously defined environment variables in the container - and any service environment variables. If a variable cannot - be resolved, the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the - string literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists or - not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot - be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath is - written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the exposed - resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - image: - description: Image is the container image for the hooks kubernetes - job - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - imagePullSecrets: - description: ImagePullSecrets used to access private hooks images - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - priority: - default: 0 - description: Higher priority hooks run before low priority hooks. - Within a priority class ReadAndWrite hooks are started before ReadOnly - hooks, ReadAndWrite hooks wil be launched in serial, and ReadOnly - hooks will be launched in parallel. - type: integer - serviceAccountName: - description: ServiceAccountName Name of the serviceAccount Name used. - Should only be used if your hook needs specifc RBAC Access. Otherwise - the hook is run using a "scan-completion-hook" service account. - The service account should have at least "get" rights on scans.execution.securecodebox.io, - and "get" & "patch" scans.execution.securecodebox.io/status - type: string - tolerations: - description: Tolerations are a different way to control on which nodes - your hook is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - ttlSecondsAfterFinished: - description: TTLSecondsAfterFinished configures the ttlSecondsAfterFinished - field for the created hook job - format: int32 - nullable: true - type: integer - type: - description: Defines weather the hook should be able to change the - findings or is run in a read only mode. - type: string - volumeMounts: - description: VolumeMounts allows to specify volume mounts for the - hooks container. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When - not set, MountPropagationNone is used. This field is beta - in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the - container's volume should be mounted. Behaves similarly to - SubPath but environment variable references $(VAR_NAME) are - expanded using the container's environment. Defaults to "" - (volume's root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows to specify volumes for the hooks container. - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent disk - resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: None, - Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in the - blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the blob - storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed data - disk (only in managed availability set). defaults to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that contains - Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'path is Optional: Used as the mounted root, - rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is the - path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached and - mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeID: - description: 'volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the ConfigMap, the volume setup will error unless it is - marked optional. Paths must be relative and may not contain - the '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - csi: - description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). - properties: - driver: - description: driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated - CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to the - secret object containing sensitive information to pass - to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the secret - object contains more than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: volumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a Optional: mode bits used to set - permissions on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are - supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string required: - - fieldPath + - topologyKey type: object - mode: - description: 'Optional: mode bits used to set permissions - on this file, must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set.' + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. format: int32 type: integer - path: - description: 'Required: Path is the relative path - name of the file to be created. Must not be absolute - or contain the ''..'' path. Must be utf-8 encoded. - The first item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object required: - - path + - podAffinityTerm + - weight type: object type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory that - shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the - SizeLimit specified here and the sum of memory limits - of all containers in a pod. The default is nil which means - that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is tied - to the pod that defines it - it will be created before the - pod starts, and deleted when the pod is removed. \n Use this - if: a) the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or capacity - \ tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver supports - dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on the - connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. \n A - pod can use both types of ephemeral volumes and persistent - volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC - will be deleted together with the pod. The name of the - PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). \n - An existing PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC - is meant to be used by the pod, the PVC has to updated - with an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may be useful - when manually reconstructing a broken cluster. \n This - field is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, must - not be nil." - properties: - metadata: - description: May contain labels and annotations that - will be copied into the PVC when creating it. No other - fields are allowed and will be rejected during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. - properties: - accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified - data source. If the AnyVolumeDataSource feature - gate is enabled, this field will always have the - same contents as the DataSourceRef field.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, if - a non-empty volume is desired. This may be any - local object from a non-empty API group (non core - object) or a PersistentVolumeClaim object. When - this field is specified, volume binding will only - succeed if the type of the specified object matches - some installed volume populator or dynamic provisioner. - This field will replace the functionality of the - DataSource field and as such if both fields are - non-empty, they must have the same value. For - backwards compatibility, both fields (DataSource - and DataSourceRef) will be set to the same value - automatically if one of them is empty and the - other is non-empty. There are two important differences - between DataSource and DataSourceRef: * While - DataSource only allows two specific types of objects, - DataSourceRef allows any non-core object, as - well as PersistentVolumeClaim objects. * While - DataSource ignores disallowed values (dropping - them), DataSourceRef preserves all values, and - generates an error if a disallowed value is specified. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label query over volumes - to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string - type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that is - attached to a kubelet's host machine and then exposed to the - pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: - type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use for - this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends - on FlexVolume script. - type: string - options: - additionalProperties: - type: string - description: 'options is Optional: this field holds extra - command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the plugin - scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored as - metadata -> name on the dataset for Flocker should be - considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: directory is the target directory name. Must - not contain or start with '..'. If '.' is supplied, the - volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to - false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the host. If the - path is a symlink, it will follow the link to the real - path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to - the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support iSCSI - Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support iSCSI - Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that uses - an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. The - portal is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and 3260). - items: - type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target Portal. The Portal - is either an IP or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export to - be mounted with read-only permissions. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents a - reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting in - VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions - on created files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path are - not affected by this setting. This might be in conflict - with other options that affect the file mode, like fsGroup, - and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. items: - description: Projection that may be projected along with - other supported volume types + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running properties: - configMap: - description: configMap information about the configMap - data to project + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. items: - description: Maps a string key to a path within - a volume. + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. properties: key: - description: key is the key to project. + description: + key is the label key that the + selector applies to. type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - downwardAPI: - description: downwardAPI information about the downwardAPI - data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array required: - - path + - key + - operator type: object type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object type: object - secret: - description: secret information about the secret data - to project + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. items: - description: Maps a string key to a path within - a volume. + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. properties: key: - description: key is the key to project. + description: + key is the label key that the + selector applies to. type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array required: - - key - - path + - key + - operator type: object type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional field specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is information about - the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, the - kubelet volume plugin will proactively rotate - the service account token. The kubelet will - start trying to rotate the token if the token - is older than 80 percent of its time to live - or if the token is older than 24 hours.Defaults - to 1 hour and must be at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to the - mount point of the file to project the token - into. - type: string - required: - - path + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey type: object type: array type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is no - group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults to - false. - type: boolean - registry: - description: registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: - type: string - type: array - pool: - description: 'pool is the rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is - nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is the rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: system is the name of the storage system as - configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the Secret, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. + type: object + env: + description: + Env allows to specify environment vars for the hooks + container. + items: + description: + EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. properties: key: - description: key is the key to project. + description: The key to select. type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" type: string + optional: + description: + Specify whether the ConfigMap or its key + must be defined + type: boolean required: - - key - - path + - key type: object - type: array - optional: - description: optional field specify whether the Secret or - its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the - pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + fieldRef: + description: + "Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: + Image is the container image for the hooks kubernetes + job + type: string + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + type: string + imagePullSecrets: + description: ImagePullSecrets used to access private hooks images + items: + description: + LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + type: array + priority: + default: 0 + description: + Higher priority hooks run before low priority hooks. + Within a priority class ReadAndWrite hooks are started before ReadOnly + hooks, ReadAndWrite hooks wil be launched in serial, and ReadOnly + hooks will be launched in parallel. + type: integer + serviceAccountName: + description: + ServiceAccountName Name of the serviceAccount Name used. + Should only be used if your hook needs specifc RBAC Access. Otherwise + the hook is run using a "scan-completion-hook" service account. + The service account should have at least "get" rights on scans.execution.securecodebox.io, + and "get" & "patch" scans.execution.securecodebox.io/status + type: string + tolerations: + description: + Tolerations are a different way to control on which nodes + your hook is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: + The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: + Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: + Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + ttlSecondsAfterFinished: + description: + TTLSecondsAfterFinished configures the ttlSecondsAfterFinished + field for the created hook job + format: int32 + nullable: true + type: integer + type: + description: + Defines weather the hook should be able to change the + findings or is run in a read only mode. + type: string + volumeMounts: + description: + VolumeMounts allows to specify volume mounts for the + hooks container. + items: + description: + VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: + Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows to specify volumes for the hooks container. + items: + description: + Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: + "readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: boolean + volumeID: + description: + "volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: string + required: + - volumeID + type: object + azureDisk: + description: + azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: + "cachingMode is the Host Caching mode: None, + Read Only, Read Write." + type: string + diskName: + description: + diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: + diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: + fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: + "kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared" + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: + azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: + secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: + cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: type: string - type: object - volumeName: - description: volumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within - a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of the - volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS - for tighter integration. Set VolumeName to any name to - override the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage Policy Based - Management (SPBM) profile name. - type: string - volumePath: - description: volumePath is the path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - type - type: object - status: - description: ScanCompletionHookStatus defines the observed state of ScanCompletionHook - type: object - type: object - served: true - storage: true - subresources: {} + type: array + path: + description: + "path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + user: + description: + "user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + volumeID: + description: + "volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: string + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: + driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + readOnly: + description: + readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: + volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: + "Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: + DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: + "Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the '..' path. Must be utf-8 encoded. + The first item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary directory that + shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver supports + dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the + connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight local ephemeral + volumes if the CSI driver is meant to be used that way - see + the documentation of the driver for more information. \n A + pod can use both types of ephemeral volumes and persistent + volumes at the same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: + May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: + The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: + "accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: string + type: array + dataSource: + description: + "dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. If the AnyVolumeDataSource feature + gate is enabled, this field will always have the + same contents as the DataSourceRef field." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + local object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will only + succeed if the type of the specified object matches + some installed volume populator or dynamic provisioner. + This field will replace the functionality of the + DataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. There are two important differences + between DataSource and DataSourceRef: * While + DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as + well as PersistentVolumeClaim objects. * While + DataSource ignores disallowed values (dropping + them), DataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: string + volumeMode: + description: + volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: + volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: + fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: "lun is Optional: FC target lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC target worldwide + names (WWNs)" + items: + type: string + type: array + wwids: + description: + "wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously." + items: + type: string + type: array + type: object + flexVolume: + description: + flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver to use for + this volume. + type: string + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: + "options is Optional: this field holds extra + command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: + datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: + datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod's container." + properties: + directory: + description: + directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write." + properties: + path: + description: + "path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk resource that is + attached to a kubelet's host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: + readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + targetPortal: + description: + targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: + "name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on the host that shares + a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + properties: + path: + description: + "path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + readOnly: + description: + "readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: string + readOnly: + description: + readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: + pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: + portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: + projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: + defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: + Projection that may be projected along with + other supported volume types + properties: + configMap: + description: + configMap information about the configMap + data to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: + Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + downwardAPI: + description: + downwardAPI information about the downwardAPI + data to project + properties: + items: + description: + Items is a list of DownwardAPIVolume + file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the '..' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported." + properties: + containerName: + description: + "Container name: required + for volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource to + select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: + secret information about the secret data + to project + properties: + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: + audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: + path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: + group to map volume access to Default is no + group + type: string + readOnly: + description: + readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: + registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: + tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: + user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: + volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: + "image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: + type: string + type: array + pool: + description: + "pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + user: + description: + "user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + sslEnabled: + description: + sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: + storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: + system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of the secret in the + pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + volumeName: + description: + volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: + volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - type + type: object + status: + description: ScanCompletionHookStatus defines the observed state of ScanCompletionHook + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" diff --git a/operator/crds/execution.securecodebox.io_scans.yaml b/operator/crds/execution.securecodebox.io_scans.yaml index 0d8a3d37ed..ad0b0091d8 100644 --- a/operator/crds/execution.securecodebox.io_scans.yaml +++ b/operator/crds/execution.securecodebox.io_scans.yaml @@ -19,4054 +19,4660 @@ spec: singular: scan scope: Namespaced versions: - - additionalPrinterColumns: - - description: K8s Resource UID - jsonPath: .metadata.uid - name: UID - priority: 1 - type: string - - description: Scan Type - jsonPath: .spec.scanType - name: Type - type: string - - description: Scan State - jsonPath: .status.state - name: State - type: string - - description: Total Finding Count - jsonPath: .status.findings.count - name: Findings - type: string - - description: Arguments passed to the Scanner - jsonPath: .spec.parameters - name: Parameters - priority: 1 - type: string - name: v1 - schema: - openAPIV3Schema: - description: Scan is the Schema for the scans API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ScanSpec defines the desired state of Scan - properties: - affinity: - description: 'Affinity allows to specify a node affinity, to control - on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/' - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the - pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). - properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + - additionalPrinterColumns: + - description: K8s Resource UID + jsonPath: .metadata.uid + name: UID + priority: 1 + type: string + - description: Scan Type + jsonPath: .spec.scanType + name: Type + type: string + - description: Scan State + jsonPath: .status.state + name: State + type: string + - description: Total Finding Count + jsonPath: .status.findings.count + name: Findings + type: string + - description: Arguments passed to the Scanner + jsonPath: .spec.parameters + name: Parameters + priority: 1 + type: string + name: v1 + schema: + openAPIV3Schema: + description: Scan is the Schema for the scans API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ScanSpec defines the desired state of Scan + properties: + affinity: + description: + "Affinity allows to specify a node affinity, to control + on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" + properties: + nodeAffinity: + description: + Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: + An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: + A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. + type: array + type: object + weight: + description: + Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: + Required. A list of node selector terms. + The terms are ORed. + items: + description: + A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: + An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer + type: array + type: object + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + podAffinity: + description: + Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". - items: + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: + key is the label key that the + selector applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. - Empty topologyKey is not allowed. + required: + - topologyKey + type: object + type: array + type: object + type: object + cascades: + description: + CascadeSpec describes how and when cascading scans should + be generated. + properties: + inheritAffinity: + default: true + description: + InheritAffinity defines whether cascading scans should + inherit affinity from the parent scan. + type: boolean + inheritAnnotations: + default: true + description: + InheritAnnotations defines whether cascading scans + should inherit annotations from the parent scan + type: boolean + inheritEnv: + default: false + description: + InheritEnv defines whether cascading scans should + inherit environment variables from the parent scan + type: boolean + inheritHookSelector: + default: false + description: + InheritHookSelector defines whether cascading scans + should inherit hookSelector from the parent scan. + type: boolean + inheritInitContainers: + default: false + description: + InheritInitContainers defines whether cascading scans + should inherit initContainers from the parent scan. Usually + only useful when combined with inheritVolumes. + type: boolean + inheritLabels: + default: true + description: + InheritLabels defines whether cascading scans should + inherit labels from the parent scan + type: boolean + inheritTolerations: + default: true + description: + InheritTolerations defines whether cascading scans + should inherit tolerations from the parent scan. + type: boolean + inheritVolumes: + default: false + description: + InheritVolumes defines whether cascading scans should + inherit volumes and volume mounts from the parent scan + type: boolean + matchExpressions: + description: + matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: + key is the label key that the selector applies + to. + type: string + operator: + description: + operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - cascades: - description: CascadeSpec describes how and when cascading scans should - be generated. - properties: - inheritAffinity: - default: true - description: InheritAffinity defines whether cascading scans should - inherit affinity from the parent scan. - type: boolean - inheritAnnotations: - default: true - description: InheritAnnotations defines whether cascading scans - should inherit annotations from the parent scan - type: boolean - inheritEnv: - default: false - description: InheritEnv defines whether cascading scans should - inherit environment variables from the parent scan - type: boolean - inheritHookSelector: - default: false - description: InheritHookSelector defines whether cascading scans - should inherit hookSelector from the parent scan. - type: boolean - inheritInitContainers: - default: false - description: InheritInitContainers defines whether cascading scans - should inherit initContainers from the parent scan. Usually - only useful when combined with inheritVolumes. - type: boolean - inheritLabels: - default: true - description: InheritLabels defines whether cascading scans should - inherit labels from the parent scan - type: boolean - inheritTolerations: - default: true - description: InheritTolerations defines whether cascading scans - should inherit tolerations from the parent scan. - type: boolean - inheritVolumes: - default: false - description: InheritVolumes defines whether cascading scans should - inherit volumes and volume mounts from the parent scan - type: boolean - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scopeLimiter: + description: + InheritLabels defines whether cascading scans should + inherit labels from the parent scan properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. + allOf: + description: + AllOf is a list of label selector requirements. + The requirements are ANDed. items: - type: string + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object type: array - required: - - key - - operator + anyOf: + description: + AnyOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + noneOf: + description: + NoneOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + validOnMissingRender: + default: false + description: + ValidOnMissingRender defines whether if a templating + variable is not present, that condition should match + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - scopeLimiter: - description: InheritLabels defines whether cascading scans should - inherit labels from the parent scan + type: object + env: + description: + Env allows to specify environment vars for the scanner + container. These will be merged will the env vars specified for + the first container of the pod defined in the ScanType + items: + description: + EnvVar represents an environment variable present in + a Container. properties: - allOf: - description: AllOf is a list of label selector requirements. - The requirements are ANDed. - items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. - type: string - values: - description: values is an array of string values. - items: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. type: string - type: array - required: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hookSelector: + description: + HookSelector allows to specify a LabelSelector with which + the hooks are selected. + properties: + matchExpressions: + description: + matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: + key is the label key that the selector applies + to. + type: string + operator: + description: + operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: - key - operator - - values - type: object + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + initContainers: + description: + InitContainers allows to specify init containers for + the scan container, to pre-load data into them. + items: + description: + A single application container that you want to run + within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string type: array - anyOf: - description: AnyOf is a list of label selector requirements. - The requirements are ANDed. + env: + description: + List of environment variables to set in the container. + Cannot be updated. items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates the - key and values. + description: + EnvVar represents an environment variable present + in a Container. properties: - key: - description: key is the label key that the selector - applies to. + name: + description: + Name of the environment variable. Must be + a C_IDENTIFIER. type: string - operator: - description: operator represents a key's relationship - to a set of values. + value: + description: + 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' type: string - values: - description: values is an array of string values. - items: - type: string - type: array + valueFrom: + description: + Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret in the pod's + namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object required: - - key - - operator - - values + - name type: object type: array - noneOf: - description: NoneOf is a list of label selector requirements. - The requirements are ANDed. + envFrom: + description: + List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates the - key and values. + description: + EnvFromSource represents the source of a set + of ConfigMaps properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap must be + defined + type: boolean + type: object + prefix: + description: + An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. type: string - values: - description: values is an array of string values. - items: - type: string - type: array - required: - - key - - operator - - values + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object type: object type: array - validOnMissingRender: - default: false - description: ValidOnMissingRender defines whether if a templating - variable is not present, that condition should match - type: boolean - type: object - type: object - env: - description: Env allows to specify environment vars for the scanner - container. These will be merged will the env vars specified for - the first container of the pod defined in the ScanType - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using - the previously defined environment variables in the container - and any service environment variables. If a variable cannot - be resolved, the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the - string literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists or - not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot - be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath is - written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the exposed - resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - hookSelector: - description: HookSelector allows to specify a LabelSelector with which - the hooks are selected. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - initContainers: - description: InitContainers allows to specify init containers for - the scan container, to pre-load data into them. - items: - description: A single application container that you want to run - within a pod. - properties: - args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + image: + description: + "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets." type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + lifecycle: + description: + Actions that the management system should take + in response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + postStart: + description: + "PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - key: - description: The key to select. + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod's termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod's termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: HTTPGet specifies the http request to perform. properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - divisor: + port: anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps + livenessProbe: + description: + "Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap must be - defined - type: boolean + command: + description: + Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: + "Optional: Host name to connect to, defaults + to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - This is a beta field and requires enabling GRPCContainerProbe - feature gate. + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: + List of ports to expose from the container. Exposing + a port here gives the system additional information about + the network connections a container uses, but is primarily + informational. Not specifying a port here DOES NOT prevent + that port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container will be + accessible from the network. Cannot be updated. + items: + description: + ContainerPort represents a network port in a + single container. properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. + containerPort: + description: + Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. format: int32 type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + hostIP: + description: What host IP to bind the external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + hostPort: + description: + Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: + If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + protocol: + default: TCP + description: + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about - the network connections a container uses, but is primarily - informational. Not specifying a port here DOES NOT prevent - that port from being exposed. Any port which is listening - on the default "0.0.0.0" address inside a container will be - accessible from the network. Cannot be updated. - items: - description: ContainerPort represents a network port in a - single container. + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: + grpc: + description: + GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - This is a beta field and requires enabling GRPCContainerProbe - feature gate. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: + "Optional: Host name to connect to, defaults + to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + limits: + additionalProperties: anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: + description: + "Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + description: + "Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: + Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: + procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: + Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: + Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. + type: + description: + Type is a SELinux type label that applies + to the container. + type: string + user: + description: + User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: + localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: + "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: + HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod's lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: + "Optional: Host name to connect to, defaults + to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file to which the + container's termination message will be written is mounted + into the container's filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block devices to be + used by the container. + items: + description: + volumeDevice describes a mapping of a raw block + device within a container. properties: - localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + devicePath: + description: + devicePath is the path inside of the container + that the device will be mapped to. type: string - type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." + name: + description: + name must match the name of a persistentVolumeClaim + in the pod type: string required: - - type + - devicePath + - name type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: + VolumeMount describes a mounting of a Volume + within a container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. + mountPath: + description: + Path within the container at which the volume + should be mounted. Must not contain ':'. type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. + mountPropagation: + description: + mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string - hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. type: boolean - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - This is a beta field and requires enabling GRPCContainerProbe - feature gate. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + subPathExpr: + description: + Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. type: string required: - - port + - mountPath + - name type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + type: array + workingDir: + description: + Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + parameters: + description: All CLI parameters to configure the scan container. + items: + type: string + type: array + scanType: + description: The name of the scanType which should be started. + type: string + tolerations: + description: + Tolerations are a different way to control on which nodes + your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: + The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: + Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: + Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + volumeMounts: + description: + VolumeMounts allows to specify volume mounts for the + scan container. + items: + description: + VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: + Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows to specify volumes for the scan container. + items: + description: + Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: + "readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: boolean + volumeID: + description: + "volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: string + required: + - volumeID + type: object + azureDisk: + description: + azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: + "cachingMode is the Host Caching mode: None, + Read Only, Read Write." + type: string + diskName: + description: + diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: + diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: + fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: + "kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared" + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: + azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: + secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: + cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes + type: array + path: + description: + "path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + user: + description: + "user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + volumeID: + description: + "volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: string + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: + driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + readOnly: + description: + readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: + volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: + "Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: + DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: + "Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the '..' path. Must be utf-8 encoded. + The first item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary directory that + shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver supports + dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the + connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight local ephemeral + volumes if the CSI driver is meant to be used that way - see + the documentation of the driver for more information. \n A + pod can use both types of ephemeral volumes and persistent + volumes at the same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: + May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: + The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. properties: - name: - description: The header field name + accessModes: + description: + "accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: string + type: array + dataSource: + description: + "dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. If the AnyVolumeDataSource feature + gate is enabled, this field will always have the + same contents as the DataSourceRef field." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + local object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will only + succeed if the type of the specified object matches + some installed volume populator or dynamic provisioner. + This field will replace the functionality of the + DataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. There are two important differences + between DataSource and DataSourceRef: * While + DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as + well as PersistentVolumeClaim objects. * While + DataSource ignores disallowed values (dropping + them), DataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled." + properties: + apiGroup: + description: + APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: + Kind is the type of resource being + referenced + type: string + name: + description: + Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: string - value: - description: The header field value + volumeMode: + description: + volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: + volumeName is the binding reference + to the PersistentVolume backing this claim. type: string - required: - - name - - value type: object - type: array - path: - description: Path to access on the HTTP server. + required: + - spec + type: object + type: object + fc: + description: + fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: + 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: "lun is Optional: FC target lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC target worldwide + names (WWNs)" + items: type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + type: array + wwids: + description: + "wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously." + items: type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + type: array + type: object + flexVolume: + description: + flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver to use for + this volume. + type: string + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. + description: + "options is Optional: this field holds extra + command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. + datasetName: + description: + datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod + datasetUUID: + description: + datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet's host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod's container." + properties: + directory: + description: + directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write." + properties: + path: + description: + "path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk resource that is + attached to a kubelet's host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: + readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + type: object + targetPortal: + description: + targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). type: string required: - - devicePath - - name + - iqn + - lun + - targetPortal type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. + name: + description: + "name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on the host that shares + a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + path: + description: + "path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. - This field is beta in 1.10. + readOnly: + description: + "readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: string - name: - description: This must match the Name of a Volume. + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: + readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + pdID: + description: + pdID is the ID that identifies Photon Controller + persistent disk type: string required: - - mountPath - - name + - pdID type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - parameters: - description: All CLI parameters to configure the scan container. - items: - type: string - type: array - scanType: - description: The name of the scanType which should be started. - type: string - tolerations: - description: Tolerations are a different way to control on which nodes - your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - volumeMounts: - description: VolumeMounts allows to specify volume mounts for the - scan container. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When - not set, MountPropagationNone is used. This field is beta - in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the - container's volume should be mounted. Behaves similarly to - SubPath but environment variable references $(VAR_NAME) are - expanded using the container's environment. Defaults to "" - (volume's root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows to specify volumes for the scan container. - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent disk - resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: None, - Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in the - blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the blob - storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed data - disk (only in managed availability set). defaults to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that contains - Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: + portworxVolume: + description: + portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. type: string - type: array - path: - description: 'path is Optional: Used as the mounted root, - rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is the - path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached and - mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeID: - description: 'volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the ConfigMap, the volume setup will error unless it is - marked optional. Paths must be relative and may not contain - the '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - csi: - description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). - properties: - driver: - description: driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated - CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to the - secret object containing sensitive information to pass - to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the secret - object contains more than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume type: string - description: volumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a Optional: mode bits used to set - permissions on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are - supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to set permissions - on this file, must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative path - name of the file to be created. Must not be absolute - or contain the ''..'' path. Must be utf-8 encoded. - The first item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory that - shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the - SizeLimit specified here and the sum of memory limits - of all containers in a pod. The default is nil which means - that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is tied - to the pod that defines it - it will be created before the - pod starts, and deleted when the pod is removed. \n Use this - if: a) the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or capacity - \ tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver supports - dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on the - connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. \n A - pod can use both types of ephemeral volumes and persistent - volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC - will be deleted together with the pod. The name of the - PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). \n - An existing PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC - is meant to be used by the pod, the PVC has to updated - with an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may be useful - when manually reconstructing a broken cluster. \n This - field is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, must - not be nil." - properties: - metadata: - description: May contain labels and annotations that - will be copied into the PVC when creating it. No other - fields are allowed and will be rejected during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. + required: + - volumeID + type: object + projected: + description: + projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: + defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: + Projection that may be projected along with + other supported volume types properties: - accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified - data source. If the AnyVolumeDataSource feature - gate is enabled, this field will always have the - same contents as the DataSourceRef field.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, if - a non-empty volume is desired. This may be any - local object from a non-empty API group (non core - object) or a PersistentVolumeClaim object. When - this field is specified, volume binding will only - succeed if the type of the specified object matches - some installed volume populator or dynamic provisioner. - This field will replace the functionality of the - DataSource field and as such if both fields are - non-empty, they must have the same value. For - backwards compatibility, both fields (DataSource - and DataSourceRef) will be set to the same value - automatically if one of them is empty and the - other is non-empty. There are two important differences - between DataSource and DataSourceRef: * While - DataSource only allows two specific types of objects, - DataSourceRef allows any non-core object, as - well as PersistentVolumeClaim objects. * While - DataSource ignores disallowed values (dropping - them), DataSourceRef preserves all values, and - generates an error if a disallowed value is specified. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled.' + configMap: + description: + configMap information about the configMap + data to project properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: + Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array name: - description: Name is the name of resource being - referenced + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - required: - - kind - - name + optional: + description: + optional specify whether the ConfigMap + or its keys must be defined + type: boolean type: object - resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + downwardAPI: + description: + downwardAPI information about the downwardAPI + data to project properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object + items: + description: + Items is a list of DownwardAPIVolume + file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the '..' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported." + properties: + containerName: + description: + "Container name: required + for volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource to + select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array type: object - selector: - description: selector is a label query over volumes - to consider for binding. + secret: + description: + secret information about the secret data + to project properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. + items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: + Maps a string key to a path within + a volume. properties: key: - description: key is the label key that - the selector applies to. + description: key is the key to project. type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + mode: + description: + "mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array required: - - key - - operator + - key + - path type: object type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: + audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: + path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path type: object - storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that is - attached to a kubelet's host machine and then exposed to the - pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: + group to map volume access to Default is no + group type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: + readOnly: + description: + readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: + registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use for - this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends - on FlexVolume script. - type: string - options: - additionalProperties: + tenant: + description: + tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin type: string - description: 'options is Optional: this field holds extra - command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the plugin - scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored as - metadata -> name on the dataset for Flocker should be - considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: directory is the target directory name. Must - not contain or start with '..'. If '.' is supplied, the - volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to - false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the host. If the - path is a symlink, it will follow the link to the real - path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to - the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support iSCSI - Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support iSCSI - Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that uses - an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. The - portal is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and 3260). - items: + user: + description: + user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: + volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device mount on the + host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + image: + description: + "image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target Portal. The Portal - is either an IP or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export to - be mounted with read-only permissions. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents a - reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting in - VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions - on created files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path are - not affected by this setting. This might be in conflict - with other options that affect the file mode, like fsGroup, - and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections - items: - description: Projection that may be projected along with - other supported volume types + type: array + pool: + description: + "pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: - configMap: - description: configMap information about the configMap - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - downwardAPI: - description: downwardAPI information about the downwardAPI - data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: secret information about the secret data - to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional field specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is information about - the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, the - kubelet volume plugin will proactively rotate - the service account token. The kubelet will - start trying to rotate the token if the token - is older than 80 percent of its time to live - or if the token is older than 24 hours.Defaults - to 1 hour and must be at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to the - mount point of the file to project the token - into. - type: string - required: - - path - type: object + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is no - group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults to - false. - type: boolean - registry: - description: registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: + user: + description: + "user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: string - type: array - pool: - description: 'pool is the rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is - nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'user is the rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: system is the name of the storage system as - configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the Secret, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: + readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" type: string - mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. + type: object + sslEnabled: + description: + sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: + storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: + system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + items: + description: + items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of the secret in the + pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" type: string - required: - - key - - path type: object - type: array - optional: - description: optional field specify whether the Secret or - its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the - pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string + volumeName: + description: + volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: + volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + status: + description: ScanStatus defines the observed state of Scan + properties: + errorDescription: + type: string + findingDownloadLink: + description: + FindingDownloadLink link to download the finding json + file from. Valid for 7 days + type: string + findingHeadLink: + description: + FindingHeadLink link to send HEAD request to the finding + json file. Valid for 7 days + type: string + findings: + description: + FindingStats contains the general stats about the results + of the scan + properties: + categories: + additionalProperties: + format: int64 + type: integer + description: + FindingCategories indicates the count of finding + broken down by their categories type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + count: + description: + Count indicates how many findings were identified + in total + format: int64 + type: integer + severities: + description: + FindingSeverities indicates the count of finding + with the respective severity properties: - fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeName: - description: volumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within - a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of the - volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS - for tighter integration. Set VolumeName to any name to - override the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will be created. - type: string + high: + format: int64 + type: integer + informational: + format: int64 + type: integer + low: + format: int64 + type: integer + medium: + format: int64 + type: integer type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + type: object + finishedAt: + description: + FinishedAt contains the time where the scan (including + parser & hooks) has been marked as "Done" + format: date-time + type: string + orderedHookStatuses: + items: + items: properties: - fsType: - description: fsType is filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + hookName: type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. + jobName: type: string - storagePolicyName: - description: storagePolicyName is the storage Policy Based - Management (SPBM) profile name. + priority: + type: integer + state: + description: + HookState Describes the State of a Hook on a + Scan type: string - volumePath: - description: volumePath is the path that identifies vSphere - volume vmdk + type: + description: + HookType Defines weather the hook should be able + to change the findings or is run in a read only mode. type: string required: - - volumePath + - hookName + - priority + - state + - type type: object - required: - - name - type: object - type: array - type: object - status: - description: ScanStatus defines the observed state of Scan - properties: - errorDescription: - type: string - findingDownloadLink: - description: FindingDownloadLink link to download the finding json - file from. Valid for 7 days - type: string - findingHeadLink: - description: FindingHeadLink link to send HEAD request to the finding - json file. Valid for 7 days - type: string - findings: - description: FindingStats contains the general stats about the results - of the scan - properties: - categories: - additionalProperties: - format: int64 - type: integer - description: FindingCategories indicates the count of finding - broken down by their categories - type: object - count: - description: Count indicates how many findings were identified - in total - format: int64 - type: integer - severities: - description: FindingSeverities indicates the count of finding - with the respective severity - properties: - high: - format: int64 - type: integer - informational: - format: int64 - type: integer - low: - format: int64 - type: integer - medium: - format: int64 - type: integer - type: object - type: object - finishedAt: - description: FinishedAt contains the time where the scan (including - parser & hooks) has been marked as "Done" - format: date-time - type: string - orderedHookStatuses: - items: + type: array + type: array + rawResultDownloadLink: + description: + RawResultDownloadLink link to download the raw result + file from. Valid for 7 days + type: string + rawResultFile: + description: + RawResultFile Filename of the result file of the scanner. + e.g. `nmap-result.xml` + type: string + rawResultHeadLink: + description: + RawResultHeadLink link to send HEAD request to raw result + file. Valid for 7 days + type: string + rawResultType: + description: + RawResultType determines which kind of ParseDefinition + will be used to turn the raw results of the scanner into findings + type: string + readAndWriteHookStatus: items: properties: hookName: @@ -4076,68 +4682,28 @@ spec: priority: type: integer state: - description: HookState Describes the State of a Hook on a - Scan + description: HookState Describes the State of a Hook on a Scan type: string type: - description: HookType Defines weather the hook should be able + description: + HookType Defines weather the hook should be able to change the findings or is run in a read only mode. type: string required: - - hookName - - priority - - state - - type + - hookName + - priority + - state + - type type: object type: array - type: array - rawResultDownloadLink: - description: RawResultDownloadLink link to download the raw result - file from. Valid for 7 days - type: string - rawResultFile: - description: RawResultFile Filename of the result file of the scanner. - e.g. `nmap-result.xml` - type: string - rawResultHeadLink: - description: RawResultHeadLink link to send HEAD request to raw result - file. Valid for 7 days - type: string - rawResultType: - description: RawResultType determines which kind of ParseDefinition - will be used to turn the raw results of the scanner into findings - type: string - readAndWriteHookStatus: - items: - properties: - hookName: - type: string - jobName: - type: string - priority: - type: integer - state: - description: HookState Describes the State of a Hook on a Scan - type: string - type: - description: HookType Defines weather the hook should be able - to change the findings or is run in a read only mode. - type: string - required: - - hookName - - priority - - state - - type - type: object - type: array - state: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/operator/crds/execution.securecodebox.io_scantypes.yaml b/operator/crds/execution.securecodebox.io_scantypes.yaml index fadf2fcca4..e599bafd0c 100644 --- a/operator/crds/execution.securecodebox.io_scantypes.yaml +++ b/operator/crds/execution.securecodebox.io_scantypes.yaml @@ -19,8221 +19,9240 @@ spec: singular: scantype scope: Namespaced versions: - - additionalPrinterColumns: - - description: Scanner Container Image - jsonPath: .spec.jobTemplate.spec.template.spec.containers[0].image - name: Image - type: string - name: v1 - schema: - openAPIV3Schema: - description: ScanType is the Schema for the scantypes API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ScanTypeSpec defines the desired state of ScanType - properties: - extractResults: - description: ExtractResults configures where the secureCodeBox can - find the results of the scan once the scanner container exited. - properties: - location: - description: From where to extract the file? Absolute path on - the containers file system. Must be located in `/home/securecodebox/`. - E.g. `/home/securecodebox/nmap-results.xml` - type: string - type: - description: Indicates the type of the file. Usually a combination - of the scanner name and file type. E.g. `nmap-xml` - type: string - type: object - jobTemplate: - description: Template of the kubernetes job to create when running - the scan - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: 'Specification of the desired behavior of a job. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - activeDeadlineSeconds: - description: Specifies the duration in seconds relative to - the startTime that the job may be continuously active before - the system tries to terminate it; value must be positive - integer. If a Job is suspended (at creation or through an - update), this timer will effectively be stopped and reset - when the Job is resumed again. - format: int64 - type: integer - backoffLimit: - description: Specifies the number of retries before marking - this job failed. Defaults to 6 - format: int32 - type: integer - completionMode: - description: "CompletionMode specifies how Pod completions - are tracked. It can be `NonIndexed` (default) or `Indexed`. - \n `NonIndexed` means that the Job is considered complete - when there have been .spec.completions successfully completed - Pods. Each Pod completion is homologous to each other. \n - `Indexed` means that the Pods of a Job get an associated - completion index from 0 to (.spec.completions - 1), available - in the annotation batch.kubernetes.io/job-completion-index. - The Job is considered complete when there is one successfully - completed Pod for each index. When value is `Indexed`, .spec.completions - must be specified and `.spec.parallelism` must be less than - or equal to 10^5. In addition, The Pod name takes the form - `$(job-name)-$(index)-$(random-string)`, the Pod hostname - takes the form `$(job-name)-$(index)`. \n More completion - modes can be added in the future. If the Job controller - observes a mode that it doesn't recognize, which is possible - during upgrades due to version skew, the controller skips - updates for the Job." - type: string - completions: - description: 'Specifies the desired number of successfully - finished pods the job should be run with. Setting to nil - means that the success of any pod signals the success of - all pods, and allows parallelism to have any positive value. Setting - to 1 means that parallelism is limited to 1 and the success - of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' - format: int32 - type: integer - manualSelector: - description: 'manualSelector controls generation of pod labels - and pod selectors. Leave `manualSelector` unset unless you - are certain what you are doing. When false or unset, the - system pick labels unique to this job and appends those - labels to the pod template. When true, the user is responsible - for picking unique labels and specifying the selector. Failure - to pick a unique label may cause this and other jobs to - not function correctly. However, You may see `manualSelector=true` - in jobs that were created with the old `extensions/v1beta1` - API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector' - type: boolean - parallelism: - description: 'Specifies the maximum desired number of pods - the job should run at any given time. The actual number - of pods running in steady state will be less than this number - when ((.spec.completions - .status.successful) < .spec.parallelism), - i.e. when the work left to do is less than max parallelism. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' - format: int32 - type: integer - selector: - description: 'A label query over pods that should match the - pod count. Normally, the system sets this field for you. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists or - DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: + - additionalPrinterColumns: + - description: Scanner Container Image + jsonPath: .spec.jobTemplate.spec.template.spec.containers[0].image + name: Image + type: string + name: v1 + schema: + openAPIV3Schema: + description: ScanType is the Schema for the scantypes API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ScanTypeSpec defines the desired state of ScanType + properties: + extractResults: + description: + ExtractResults configures where the secureCodeBox can + find the results of the scan once the scanner container exited. + properties: + location: + description: + From where to extract the file? Absolute path on + the containers file system. Must be located in `/home/securecodebox/`. + E.g. `/home/securecodebox/nmap-results.xml` + type: string + type: + description: + Indicates the type of the file. Usually a combination + of the scanner name and file type. E.g. `nmap-xml` + type: string + type: object + jobTemplate: + description: + Template of the kubernetes job to create when running + the scan + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + type: object + spec: + description: + "Specification of the desired behavior of a job. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + properties: + activeDeadlineSeconds: + description: + Specifies the duration in seconds relative to + the startTime that the job may be continuously active before + the system tries to terminate it; value must be positive + integer. If a Job is suspended (at creation or through an + update), this timer will effectively be stopped and reset + when the Job is resumed again. + format: int64 + type: integer + backoffLimit: + description: + Specifies the number of retries before marking + this job failed. Defaults to 6 + format: int32 + type: integer + completionMode: + description: + "CompletionMode specifies how Pod completions + are tracked. It can be `NonIndexed` (default) or `Indexed`. + \n `NonIndexed` means that the Job is considered complete + when there have been .spec.completions successfully completed + Pods. Each Pod completion is homologous to each other. \n + `Indexed` means that the Pods of a Job get an associated + completion index from 0 to (.spec.completions - 1), available + in the annotation batch.kubernetes.io/job-completion-index. + The Job is considered complete when there is one successfully + completed Pod for each index. When value is `Indexed`, .spec.completions + must be specified and `.spec.parallelism` must be less than + or equal to 10^5. In addition, The Pod name takes the form + `$(job-name)-$(index)-$(random-string)`, the Pod hostname + takes the form `$(job-name)-$(index)`. \n More completion + modes can be added in the future. If the Job controller + observes a mode that it doesn't recognize, which is possible + during upgrades due to version skew, the controller skips + updates for the Job." + type: string + completions: + description: + "Specifies the desired number of successfully + finished pods the job should be run with. Setting to nil + means that the success of any pod signals the success of + all pods, and allows parallelism to have any positive value. Setting + to 1 means that parallelism is limited to 1 and the success + of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + format: int32 + type: integer + manualSelector: + description: + "manualSelector controls generation of pod labels + and pod selectors. Leave `manualSelector` unset unless you + are certain what you are doing. When false or unset, the + system pick labels unique to this job and appends those + labels to the pod template. When true, the user is responsible + for picking unique labels and specifying the selector. Failure + to pick a unique label may cause this and other jobs to + not function correctly. However, You may see `manualSelector=true` + in jobs that were created with the old `extensions/v1beta1` + API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector" + type: boolean + parallelism: + description: + "Specifies the maximum desired number of pods + the job should run at any given time. The actual number + of pods running in steady state will be less than this number + when ((.spec.completions - .status.successful) < .spec.parallelism), + i.e. when the work left to do is less than max parallelism. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + format: int32 + type: integer + selector: + description: + "A label query over pods that should match the + pod count. Normally, the system sets this field for you. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + properties: + matchExpressions: + description: + matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. type: string - type: array - required: - - key - - operator + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: + values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - suspend: - description: Suspend specifies whether the Job controller - should create Pods or not. If a Job is created with suspend - set to true, no Pods are created by the Job controller. - If a Job is suspended after creation (i.e. the flag goes - from false to true), the Job controller will delete all - active Pods associated with this Job. Users must design - their workload to gracefully handle this. Suspending a Job - will reset the StartTime field of the Job, effectively resetting - the ActiveDeadlineSeconds timer too. Defaults to false. - type: boolean - template: - description: 'Describes the pod that will be created when - executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: 'Specification of the desired behavior of - the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod - may be active on the node relative to StartTime - before the system will actively try to mark it failed - and kill associated containers. Value must be a - positive integer. - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this field, - but it may choose a node that violates one - or more of the expressions. The node that - is most preferred is the one with the greatest - sum of weights, i.e. for each node that - meets all of the scheduling requirements - (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum - by iterating through the elements of this - field and adding "weight" to the sum if - the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the - most preferred. - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). A null preferred - scheduling term matches no objects (i.e. - is also a no-op). + type: object + suspend: + description: + Suspend specifies whether the Job controller + should create Pods or not. If a Job is created with suspend + set to true, no Pods are created by the Job controller. + If a Job is suspended after creation (i.e. the flag goes + from false to true), the Job controller will delete all + active Pods associated with this Job. Users must design + their workload to gracefully handle this. Suspending a Job + will reset the StartTime field of the Job, effectively resetting + the ActiveDeadlineSeconds timer too. Defaults to false. + type: boolean + template: + description: + "Describes the pod that will be created when + executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + properties: + metadata: + description: + "Standard object's metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + type: object + spec: + description: + "Specification of the desired behavior of + the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + properties: + activeDeadlineSeconds: + description: + Optional duration in seconds the pod + may be active on the node relative to StartTime + before the system will actively try to mark it failed + and kill associated containers. Value must be a + positive integer. + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: + Describes node affinity scheduling + rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this field, + but it may choose a node that violates one + or more of the expressions. The node that + is most preferred is the one with the greatest + sum of weights, i.e. for each node that + meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum + by iterating through the elements of this + field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the + most preferred. + items: + description: + An empty preferred scheduling + term matches all objects with implicit + weight 0 (i.e. it's a no-op). A null preferred + scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: + A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: + A list of node selector + requirements by node's labels. + items: + description: + A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: + The label key + that the selector applies + to. + type: string + operator: + description: + Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector + requirements by node's fields. + items: + description: + A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: + The label key + that the selector applies + to. + type: string + operator: + description: + Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: + Weight associated with + matching the corresponding nodeSelectorTerm, + in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the affinity requirements specified + by this field cease to be met at some point + during pod execution (e.g. due to an update), + the system may or may not try to eventually + evict the pod from its node. properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: A node selector requirement - is a selector that contains - values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the values - array must be empty. If - the operator is Gt or Lt, - the values array must have - a single element, which - will be interpreted as an - integer. This array is replaced - during a strategic merge - patch. - items: + nodeSelectorTerms: + description: + Required. A list of node + selector terms. The terms are ORed. + items: + description: + A null or empty node selector + term matches no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector + requirements by node's labels. + items: + description: + A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: + The label key + that the selector applies + to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: A node selector requirement - is a selector that contains - values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the values - array must be empty. If - the operator is Gt or Lt, - the values array must have - a single element, which - will be interpreted as an - integer. This array is replaced - during a strategic merge - patch. - items: + operator: + description: + Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer + values: + description: + An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector + requirements by node's fields. + items: + description: + A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: + The label key + that the selector applies + to. + type: string + operator: + description: + Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array required: - - preference - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will not be scheduled onto - the node. If the affinity requirements specified - by this field cease to be met at some point - during pod execution (e.g. due to an update), - the system may or may not try to eventually - evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: A node selector requirement - is a selector that contains - values, a key, and an operator - that relates the key and values. + type: object + podAffinity: + description: + Describes pod affinity scheduling + rules (e.g. co-locate this pod in the same node, + zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this field, + but it may choose a node that violates one + or more of the expressions. The node that + is most preferred is the one with the greatest + sum of weights, i.e. for each node that + meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum + by iterating through the elements of this + field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest + sum are the most preferred. + items: + description: + The weights of all of the matched + WeightedPodAffinityTerm fields are added + per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity + term, associated with the corresponding + weight. + properties: + labelSelector: + description: + A label query over + a set of resources, in this case + pods. properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the values - array must be empty. If - the operator is Gt or Lt, - the values array must have - a single element, which - will be interpreted as an - integer. This array is replaced - during a strategic merge - patch. + matchExpressions: + description: + matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. items: - type: string + description: + A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: + key is the + label key that the selector + applies to. + type: string + operator: + description: + operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: A node selector requirement - is a selector that contains - values, a key, and an operator - that relates the key and values. + namespaceSelector: + description: + A label query over + the set of namespaces that the + term applies to. The term is applied + to the union of the namespaces + selected by this field and the + ones listed in the namespaces + field. null selector and null + or empty namespaces list means + "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the values - array must be empty. If - the operator is Gt or Lt, - the values array must have - a single element, which - will be interpreted as an - integer. This array is replaced - during a strategic merge - patch. + matchExpressions: + description: + matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. items: - type: string + description: + A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: + key is the + label key that the selector + applies to. + type: string + operator: + description: + operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same node, - zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this field, - but it may choose a node that violates one - or more of the expressions. The node that - is most preferred is the one with the greatest - sum of weights, i.e. for each node that - meets all of the scheduling requirements - (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum - by iterating through the elements of this - field and adding "weight" to the sum if - the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest - sum are the most preferred. - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. + namespaces: + description: + namespaces specifies + a static list of namespace names + that the term applies to. The + term is applied to the union of + the namespaces listed in this + field and the ones selected by + namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching the labelSelector in + the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: + weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the affinity requirements specified + by this field cease to be met at some point + during pod execution (e.g. due to a pod + label update), the system may or may not + try to eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: + Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this pod + should be co-located (affinity) or not + co-located (anti-affinity) with, where + co-located is defined as running on a + node whose value of the label with key + matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: + matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: + key is the label + key that the selector applies + to. + type: string + operator: + description: + operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. The term is applied - to the union of the namespaces - selected by this field and the - ones listed in the namespaces - field. null selector and null - or empty namespaces list means - "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: + key is the label + key that the selector applies + to. + type: string + operator: + description: + operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. The - term is applied to the union of - the namespaces listed in this - field and the ones selected by - namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching the labelSelector in - the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will not be scheduled onto - the node. If the affinity requirements specified - by this field cease to be met at some point - during pod execution (e.g. due to a pod - label update), the system may or may not - try to eventually evict the pod from its - node. When there are multiple elements, - the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all - terms must be satisfied. - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this pod - should be co-located (affinity) or not - co-located (anti-affinity) with, where - co-located is defined as running on a - node whose value of the label with key - matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the same + node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to + schedule pods to nodes that satisfy the + anti-affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with the + greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" to the + sum if the node has pods which matches the + corresponding podAffinityTerm; the node(s) + with the highest sum are the most preferred. + items: + description: + The weights of all of the matched + WeightedPodAffinityTerm fields are added + per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity + term, associated with the corresponding + weight. + properties: + labelSelector: + description: + A label query over + a set of resources, in this case + pods. properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + matchExpressions: + description: + matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. items: - type: string + description: + A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: + key is the + label key that the selector + applies to. + type: string + operator: + description: + operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this - field and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's - namespace". An empty selector ({}) - matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + namespaceSelector: + description: + A label query over + the set of namespaces that the + term applies to. The term is applied + to the union of the namespaces + selected by this field and the + ones listed in the namespaces + field. null selector and null + or empty namespaces list means + "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + matchExpressions: + description: + matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. items: - type: string - type: array - required: - - key - - operator + description: + A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: + key is the + label key that the selector + applies to. + type: string + operator: + description: + operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies + a static list of namespace names + that the term applies to. The + term is applied to the union of + the namespaces listed in this + field and the ones selected by + namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching the labelSelector in + the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. The term is applied - to the union of the namespaces listed - in this field and the ones selected - by namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running on - a node whose value of the label with - key topologyKey matches that of any - node on which any of the selected - pods is running. Empty topologyKey - is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. avoid putting this pod in the same - node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions specified by this - field, but it may choose a node that violates - one or more of the expressions. The node - that is most preferred is the one with the - greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" to the - sum if the node has pods which matches the - corresponding podAffinityTerm; the node(s) - with the highest sum are the most preferred. - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system may + or may not try to eventually evict the pod + from its node. When there are multiple elements, + the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: + Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this pod + should be co-located (affinity) or not + co-located (anti-affinity) with, where + co-located is defined as running on a + node whose value of the label with key + matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: + matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: + key is the label + key that the selector applies + to. + type: string + operator: + description: + operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. The term is applied - to the union of the namespaces - selected by this field and the - ones listed in the namespaces - field. null selector and null - or empty namespaces list means - "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: + A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: + key is the label + key that the selector applies + to. + type: string + operator: + description: + operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. The - term is applied to the union of - the namespaces listed in this - field and the ones selected by - namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching the labelSelector in - the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: + AutomountServiceAccountToken indicates + whether a service account token should be automatically + mounted. + type: boolean + containers: + description: + List of containers belonging to the pod. + Containers cannot currently be added or removed. + There must be at least one container in a Pod. Cannot + be updated. + items: + description: + A single application container that + you want to run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The + container image''s CMD is used if this is + not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. + If a variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed + within a shell. The container image''s ENTRYPOINT + is used if this is not provided. Variable + references $(VAR_NAME) are expanded using + the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod will not be scheduled onto - the node. If the anti-affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to a pod label update), the system may - or may not try to eventually evict the pod - from its node. When there are multiple elements, - the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all - terms must be satisfied. + env: + description: + List of environment variables to + set in the container. Cannot be updated. items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this pod - should be co-located (affinity) or not - co-located (anti-affinity) with, where - co-located is defined as running on a - node whose value of the label with key - matches that of any node - on which a pod of the set of pods is running + description: + EnvVar represents an environment + variable present in a Container. properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. + name: + description: + Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment + variable's value. Cannot be used if + value is not empty. properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. - items: - type: string - type: array - required: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this - field and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's - namespace". An empty selector ({}) - matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. - items: - type: string - type: array - required: + fieldRef: + description: + "Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: + required for volumes, optional + for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret + in the pod's namespace + properties: + key: + description: + The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + Secret or its key must be defined + type: boolean + required: - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. type: object type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. The term is applied - to the union of the namespaces listed - in this field and the ones selected - by namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running on - a node whose value of the label with - key topologyKey matches that of any - node on which any of the selected - pods is running. Empty topologyKey - is not allowed. - type: string required: - - topologyKey + - name type: object type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mounted. - type: boolean - containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. - There must be at least one container in a Pod. Cannot - be updated. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: 'Arguments to the entrypoint. The - container image''s CMD is used if this is - not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. - If a variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + envFrom: + description: + List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the + source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: + An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret + must be defined + type: boolean + type: object + type: object + type: array + image: + description: + "Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level + config management to default or override container + images in workload controllers like Deployments + and StatefulSets." type: string - type: array - command: - description: 'Entrypoint array. Not executed - within a shell. The container image''s ENTRYPOINT - is used if this is not provided. Variable - references $(VAR_NAME) are expanded using - the container''s environment. If a variable - cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: + "Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. + lifecycle: + description: + Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container - and any service environment variables. - If a variable cannot be resolved, the - reference in the input string will be - unchanged. Double $$ are reduced to - a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. + postStart: + description: + "PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: + Exec specifies the action + to take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - key: - description: The key to select. + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod's termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod's termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: + Exec specifies the action + to take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. type: string - divisor: + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. + type: string + port: anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. The keys defined - within a source must be a C_IDENTIFIER. All - invalid keys will be reported as an event - when the container is starting. When a key - exists in multiple sources, the value associated - with the last source will take precedence. - Values defined by an Env with a duplicate - key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps + livenessProbe: + description: + "Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: + Exec specifies the action to + take. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean + required: + - port type: object - type: object - type: array - image: - description: 'Container image name. More info: - https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level - config management to default or override container - images in workload controllers like Deployments - and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if - :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and - restarted according to its restart policy. - Other management of the container blocks - until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately - before a container is terminated due to - an API request or management event such - as liveness/startup probe failure, preemption, - resource contention, etc. The handler - is not called if the container crashes - or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination - grace period (unless delayed by finalizers). - Other management of the container blocks - until the hook completes or until the - termination grace period is reached. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified + as a DNS_LABEL. Each container in a pod must + have a unique name (DNS_LABEL). Cannot be + updated. + type: string + ports: + description: + List of ports to expose from the + container. Exposing a port here gives the + system additional information about the network + connections a container uses, but is primarily + informational. Not specifying a port here + DOES NOT prevent that port from being exposed. + Any port which is listening on the default + "0.0.0.0" address inside a container will + be accessible from the network. Cannot be + updated. + items: + description: + ContainerPort represents a network + port in a single container. properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. + containerPort: + description: + Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: + What host IP to bind the + external port to. + type: string + hostPort: + description: + Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: + If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: + Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service + readiness. Container will be removed from + service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by + this container. Cannot be updated. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security + options the container should be run with. + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: + Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: + procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: + Level is SELinux level + label that applies to the container. + type: string + role: + description: + Role is a SELinux role + label that applies to the container. + type: string + type: + description: + Type is a SELinux type + label that applies to the container. + type: string + user: + description: + User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must only be set + if type is "Localhost". + type: string + type: + description: + "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: + HostProcess determines + if a container should be run as a + 'Host Process' container. This field + is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without + the feature flag will result in errors + when validating the Pod. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In + addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the + Pod has successfully initialized. If specified, + no other probes are executed until this completes + successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe + failed. This can be used to provide different + probe parameters at the beginning of a Pod's + lifecycle, when it might take a long time + to load data or warm a cache, than during + steady-state operation. This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: type: string - port: - anyOf: + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. - Container will be restarted if the probe fails. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file + to which the container's termination message + will be written is mounted into the container's + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block + devices to be used by the container. + items: + description: + volumeDevice describes a mapping + of a raw block device within a container. properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + devicePath: + description: + devicePath is the path inside + of the container that the device will + be mapped to. + type: string + name: + description: + name must match the name + of a persistentVolumeClaim in the pod type: string required: - - port + - devicePath + - name type: object - httpGet: - description: HTTPGet specifies the http - request to perform. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: + VolumeMount describes a mounting + of a Volume within a container. properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + mountPath: + description: + Path within the container + at which the volume should be mounted. Must + not contain ':'. type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. + mountPropagation: + description: + mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + name: + description: + This must match the Name + of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: + Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: + Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. type: string required: - - port + - mountPath + - name type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. Each container in a pod must - have a unique name (DNS_LABEL). Cannot be - updated. - type: string - ports: - description: List of ports to expose from the - container. Exposing a port here gives the - system additional information about the network - connections a container uses, but is primarily - informational. Not specifying a port here - DOES NOT prevent that port from being exposed. - Any port which is listening on the default - "0.0.0.0" address inside a container will - be accessible from the network. Cannot be - updated. + type: array + workingDir: + description: + Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the + generated DNS configuration based on DNSPolicy. + properties: + nameservers: + description: + A list of DNS name server IP addresses. + This will be appended to the base nameservers + generated from DNSPolicy. Duplicated nameservers + will be removed. + items: + type: string + type: array + options: + description: + A list of DNS resolver options. This + will be merged with the base options generated + from DNSPolicy. Duplicated entries will be removed. + Resolution options given in Options will override + those that appear in the base DNSPolicy. items: - description: ContainerPort represents a network - port in a single container. + description: + PodDNSConfigOption defines DNS + resolver options of a pod. properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must - match ContainerPort. Most containers - do not need this. - format: int32 - type: integer name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. Each named port in a pod must have - a unique name. Name for the port that - can be referred to by services. + description: Required. type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". + value: type: string - required: - - containerPort type: object type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service - readiness. Container will be removed from - service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - securityContext: - description: 'SecurityContext defines the security - options the container should be run with. - If set, the fields of SecurityContext override - the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: - 1) run as Privileged 2) has CAP_SYS_ADMIN - Note that this field cannot be set when - spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. Defaults to the - default set of capabilities granted by - the container runtime. Note that this - field cannot be set when spec.os.name - is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. Processes in privileged containers - are essentially equivalent to root on - the host. Defaults to false. Note that - this field cannot be set when spec.os.name - is windows. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - The default is DefaultProcMount which - uses the container runtime defaults for - readonly paths and masked paths. This - requires the ProcMountType feature flag - to be enabled. Note that this field cannot - be set when spec.os.name is windows. + searches: + description: + A list of DNS search domains for + host-name lookup. This will be appended to the + base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: + Set DNS policy for the pod. Defaults + to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', + 'ClusterFirst', 'Default' or 'None'. DNS parameters + given in DNSConfig will be merged with the policy + selected with DNSPolicy. To have DNS options set + along with hostNetwork, you have to specify DNS + policy explicitly to 'ClusterFirstWithHostNet'. + type: string + enableServiceLinks: + description: + "EnableServiceLinks indicates whether + information about services should be injected into + pod's environment variables, matching the syntax + of Docker links. Optional: Defaults to true." + type: boolean + ephemeralContainers: + description: + List of ephemeral containers run in this + pod. Ephemeral containers may be run in an existing + pod to perform user-initiated actions such as debugging. + This list cannot be specified when creating a pod, + and it cannot be modified by updating the pod spec. + In order to add an ephemeral container to an existing + pod, use the pod's ephemeralcontainers subresource. + This field is beta-level and available on clusters + that haven't disabled the EphemeralContainers feature + gate. + items: + description: + "An EphemeralContainer is a temporary + container that you may add to an existing Pod + for user-initiated activities such as debugging. + Ephemeral containers have no resource or scheduling + guarantees, and they will not be restarted when + they exit or when a Pod is removed or restarted. + The kubelet may evict a Pod if an ephemeral container + causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers + may not be removed or restarted. \n This is a + beta feature available on clusters that haven't + disabled the EphemeralContainers feature gate." + properties: + args: + description: + 'Arguments to the entrypoint. The + image''s CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. Note that this field cannot be - set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. If true, - the Kubelet will validate the image at - runtime to ensure that it does not run - as UID 0 (root) and fail to start the - container if it does. If unset or false, - no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. Defaults to - user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the - container runtime will allocate a random - SELinux context for each container. May - also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. If seccomp options - are provided at both the pod & container - level, the container options override - the pod options. Note that this field - cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. The profile must - be preconfigured on the node to work. - Must be a descending path, relative - to the kubelet's configured seccomp - profile location. Must only be set - if type is "Localhost". - type: string - type: - description: "type indicates which kind - of seccomp profile will be applied. - Valid options are: \n Localhost - - a profile defined in a file on the - node should be used. RuntimeDefault - - the container runtime default profile - should be used. Unconfined - no profile - should be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. If unspecified, - the options from the PodSecurityContext - will be used. If set in both SecurityContext - and PodSecurityContext, the value specified - in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name - is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. This field - is alpha-level and will only be honored - by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without - the feature flag will result in errors - when validating the Pod. All of a - Pod's containers must have the same - effective HostProcess value (it is - not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In - addition, if HostProcess is true then - HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. Defaults to the user specified - in image metadata if unspecified. - May also be set in PodSecurityContext. - If set in both SecurityContext and - PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the - Pod has successfully initialized. If specified, - no other probes are executed until this completes - successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe - failed. This can be used to provide different - probe parameters at the beginning of a Pod''s - lifecycle, when it might take a long time - to load data or warm a cache, than during - steady-state operation. This cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. + type: array + command: + description: + 'Entrypoint array. Not executed + within a shell. The image''s ENTRYPOINT is + used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, + the reference in the input string will be + unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: + List of environment variables to + set in the container. Cannot be updated. + items: + description: + EnvVar represents an environment + variable present in a Container. properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. + name: + description: + Name of the environment variable. + Must be a C_IDENTIFIER. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + value: + description: + 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' type: string + valueFrom: + description: + Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: + required for volumes, optional + for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret + in the pod's namespace + properties: + key: + description: + The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object required: - - port + - name type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. + type: array + envFrom: + description: + List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the + source of a set of ConfigMaps properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: + An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret + must be defined + type: boolean + type: object type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - If this is not set, reads from stdin in the - container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single attach. When stdin is true - the stdin stream will remain open across multiple - attach sessions. If stdinOnce is set to true, - stdin is opened on container start, is empty - until the first client attaches to stdin, - and then remains open and accepts data until - the client disconnects, at which time stdin - is closed and remains closed until the container - is restarted. If this flag is false, a container - processes that reads from stdin will never - receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mounted into the container''s - filesystem. Message written is intended to - be brief final status, such as an assertion - failure message. Will be truncated by the - node if greater than 4096 bytes. The total - message length across all containers will - be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the - container status message on both success and - failure. FallbackToLogsOnError will use the - last chunk of container log output if the - termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is - used. This field is beta in 1.10. - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. Defaults to "" (volume's - root). - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. Behaves similarly - to SubPath but environment variable - references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and - SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - If not specified, the container runtime's - default will be used, which might be configured - in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the - generated DNS configuration based on DNSPolicy. - properties: - nameservers: - description: A list of DNS name server IP addresses. - This will be appended to the base nameservers - generated from DNSPolicy. Duplicated nameservers - will be removed. - items: - type: string - type: array - options: - description: A list of DNS resolver options. This - will be merged with the base options generated - from DNSPolicy. Duplicated entries will be removed. - Resolution options given in Options will override - those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS - resolver options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for - host-name lookup. This will be appended to the - base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults - to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', - 'ClusterFirst', 'Default' or 'None'. DNS parameters - given in DNSConfig will be merged with the policy - selected with DNSPolicy. To have DNS options set - along with hostNetwork, you have to specify DNS - policy explicitly to 'ClusterFirstWithHostNet'. - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether - information about services should be injected into - pod''s environment variables, matching the syntax - of Docker links. Optional: Defaults to true.' - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in this - pod. Ephemeral containers may be run in an existing - pod to perform user-initiated actions such as debugging. - This list cannot be specified when creating a pod, - and it cannot be modified by updating the pod spec. - In order to add an ephemeral container to an existing - pod, use the pod's ephemeralcontainers subresource. - This field is beta-level and available on clusters - that haven't disabled the EphemeralContainers feature - gate. - items: - description: "An EphemeralContainer is a temporary - container that you may add to an existing Pod - for user-initiated activities such as debugging. - Ephemeral containers have no resource or scheduling - guarantees, and they will not be restarted when - they exit or when a Pod is removed or restarted. - The kubelet may evict a Pod if an ephemeral container - causes the Pod to exceed its resource allocation. - \n To add an ephemeral container, use the ephemeralcontainers - subresource of an existing Pod. Ephemeral containers - may not be removed or restarted. \n This is a - beta feature available on clusters that haven't - disabled the EphemeralContainers feature gate." - properties: - args: - description: 'Arguments to the entrypoint. The - image''s CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded - using the container''s environment. If a variable - cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + type: array + image: + description: + "Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images" type: string - type: array - command: - description: 'Entrypoint array. Not executed - within a shell. The image''s ENTRYPOINT is - used if this is not provided. Variable references - $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, - the reference in the input string will be - unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the - string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: + "Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. + lifecycle: + description: + Lifecycle is not allowed for ephemeral + containers. properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container - and any service environment variables. - If a variable cannot be resolved, the - reference in the input string will be - unchanged. Double $$ are reduced to - a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. + postStart: + description: + "PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: + Exec specifies the action + to take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - key: - description: The key to select. + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod's termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod's termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: + Exec specifies the action + to take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. type: string - divisor: + port: anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. The keys defined - within a source must be a C_IDENTIFIER. All - invalid keys will be reported as an event - when the container is starting. When a key - exists in multiple sources, the value associated - with the last source will take precedence. - Values defined by an Env with a duplicate - key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps + livenessProbe: + description: + Probes are not allowed for ephemeral + containers. properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: + Exec specifies the action to + take. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean + required: + - port type: object - type: object - type: array - image: - description: 'Container image name. More info: - https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if - :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Lifecycle is not allowed for ephemeral - containers. - properties: - postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and - restarted according to its restart policy. - Other management of the container blocks - until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately - before a container is terminated due to - an API request or management event such - as liveness/startup probe failure, preemption, - resource contention, etc. The handler - is not called if the container crashes - or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination - grace period (unless delayed by finalizers). - Other management of the container blocks - until the hook completes or until the - termination grace period is reached. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the ephemeral container + specified as a DNS_LABEL. This name must be + unique among all containers, init containers + and ephemeral containers. + type: string + ports: + description: + Ports are not allowed for ephemeral + containers. + items: + description: + ContainerPort represents a network + port in a single container. properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. + containerPort: + description: + Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: + What host IP to bind the + external port to. + type: string + hostPort: + description: + Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: + If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: + Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + Probes are not allowed for ephemeral + containers. + properties: + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + Resources are not allowed for ephemeral + containers. Ephemeral containers use spare + resources already allocated to the pod. + properties: + limits: + additionalProperties: anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: + description: + "Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container - specified as a DNS_LABEL. This name must be - unique among all containers, init containers - and ephemeral containers. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a network - port in a single container. + description: + "Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "Optional: SecurityContext defines + the security options the ephemeral container + should be run with. If set, the fields of + SecurityContext override the equivalent fields + of PodSecurityContext." properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: + Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: + procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must - match ContainerPort. Most containers - do not need this. - format: int32 + readOnlyRootFilesystem: + description: + Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. Each named port in a pod must have - a unique name. Name for the port that - can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: + runAsNonRoot: + description: + Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: + Level is SELinux level + label that applies to the container. type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. + role: + description: + Role is a SELinux role + label that applies to the container. + type: string + type: + description: + Type is a SELinux type + label that applies to the container. + type: string + user: + description: + User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must only be set + if type is "Localhost". + type: string + type: + description: + "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: + HostProcess determines + if a container should be run as a + 'Host Process' container. This field + is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without + the feature flag will result in errors + when validating the Pod. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In + addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + Probes are not allowed for ephemeral + containers. + properties: + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + targetContainerName: + description: + "If set, the name of the container + from PodSpec that this ephemeral container + targets. The ephemeral container will be run + in the namespaces (IPC, PID, etc) of this + container. If not set then the ephemeral container + uses the namespaces configured in the Pod + spec. \n The container runtime must implement + support for this feature. If the runtime does + not support namespace targeting then the result + of setting this field is undefined." + type: string + terminationMessagePath: + description: + "Optional: Path at which the file + to which the container's termination message + will be written is mounted into the container's + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block + devices to be used by the container. + items: + description: + volumeDevice describes a mapping + of a raw block device within a container. properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + devicePath: + description: + devicePath is the path inside + of the container that the device will + be mapped to. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' + name: + description: + name must match the name + of a persistentVolumeClaim in the pod type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for ephemeral - containers. Ephemeral containers use spare - resources already allocated to the pod. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + - devicePath + - name type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with. If set, the fields of - SecurityContext override the equivalent fields - of PodSecurityContext.' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: - 1) run as Privileged 2) has CAP_SYS_ADMIN - Note that this field cannot be set when - spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. Defaults to the - default set of capabilities granted by - the container runtime. Note that this - field cannot be set when spec.os.name - is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. Processes in privileged containers - are essentially equivalent to root on - the host. Defaults to false. Note that - this field cannot be set when spec.os.name - is windows. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - The default is DefaultProcMount which - uses the container runtime defaults for - readonly paths and masked paths. This - requires the ProcMountType feature flag - to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. Note that this field cannot be - set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. If true, - the Kubelet will validate the image at - runtime to ensure that it does not run - as UID 0 (root) and fail to start the - container if it does. If unset or false, - no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. Defaults to - user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the - container runtime will allocate a random - SELinux context for each container. May - also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed + for ephemeral containers. Cannot be updated. + items: + description: + VolumeMount describes a mounting + of a Volume within a container. properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. + mountPath: + description: + Path within the container + at which the volume should be mounted. Must + not contain ':'. type: string - type: - description: Type is a SELinux type - label that applies to the container. + mountPropagation: + description: + mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. type: string - user: - description: User is a SELinux user - label that applies to the container. + name: + description: + This must match the Name + of a Volume. type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. If seccomp options - are provided at both the pod & container - level, the container options override - the pod options. Note that this field - cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. The profile must - be preconfigured on the node to work. - Must be a descending path, relative - to the kubelet's configured seccomp - profile location. Must only be set - if type is "Localhost". + readOnly: + description: + Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: + Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). type: string - type: - description: "type indicates which kind - of seccomp profile will be applied. - Valid options are: \n Localhost - - a profile defined in a file on the - node should be used. RuntimeDefault - - the container runtime default profile - should be used. Unconfined - no profile - should be applied." + subPathExpr: + description: + Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. type: string required: - - type + - mountPath + - name type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. If unspecified, - the options from the PodSecurityContext - will be used. If set in both SecurityContext - and PodSecurityContext, the value specified - in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name - is linux. + type: array + workingDir: + description: + Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: + HostAliases is an optional list of hosts + and IPs that will be injected into the pod's hosts + file if specified. This is only valid for non-hostNetwork + pods. + items: + description: + HostAlias holds the mapping between + IP and hostnames that will be injected as an entry + in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: + "Use the host's ipc namespace. Optional: + Default to false." + type: boolean + hostNetwork: + description: + Host networking requested for this pod. + Use the host's network namespace. If this option + is set, the ports that will be used must be specified. + Default to false. + type: boolean + hostPID: + description: + "Use the host's pid namespace. Optional: + Default to false." + type: boolean + hostname: + description: + Specifies the hostname of the Pod If + not specified, the pod's hostname will be set to + a system-defined value. + type: string + imagePullSecrets: + description: + "ImagePullSecrets is an optional list + of references to secrets in the same namespace to + use for pulling any of the images used by this PodSpec. + If specified, these secrets will be passed to individual + puller implementations for them to use. More info: + https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod" + items: + description: + LocalObjectReference contains enough + information to let you locate the referenced object + inside the same namespace. + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + type: array + initContainers: + description: + "List of initialization containers belonging + to the pod. Init containers are executed in order + prior to containers being started. If any init container + fails, the pod is considered to have failed and + is handled according to its restartPolicy. The name + for an init container or normal container must be + unique among all containers. Init containers may + not have Lifecycle actions, Readiness probes, Liveness + probes, or Startup probes. The resourceRequirements + of an init container are taken into account during + scheduling by finding the highest request/limit + for each resource type, and then using the max of + of that value or the sum of the normal containers. + Limits are applied to init containers in a similar + fashion. Init containers cannot currently be added + or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" + items: + description: + A single application container that + you want to run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The + container image''s CMD is used if this is + not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. + If a variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed + within a shell. The container image''s ENTRYPOINT + is used if this is not provided. Variable + references $(VAR_NAME) are expanded using + the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: + List of environment variables to + set in the container. Cannot be updated. + items: + description: + EnvVar represents an environment + variable present in a Container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. This field - is alpha-level and will only be honored - by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without - the feature flag will result in errors - when validating the Pod. All of a - Pod's containers must have the same - effective HostProcess value (it is - not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In - addition, if HostProcess is true then - HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. Defaults to the user specified - in image metadata if unspecified. - May also be set in PodSecurityContext. - If set in both SecurityContext and - PodSecurityContext, the value specified - in SecurityContext takes precedence. + name: + description: + Name of the environment variable. + Must be a C_IDENTIFIER. type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + value: + description: + 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' type: string + valueFrom: + description: + Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: + required for volumes, optional + for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret + in the pod's namespace + properties: + key: + description: + The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object required: - - port + - name type: object - httpGet: - description: HTTPGet specifies the http - request to perform. + type: array + envFrom: + description: + List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: + EnvFromSource represents the + source of a set of ConfigMaps properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: + An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret + must be defined + type: boolean + type: object + type: object + type: array + image: + description: + "Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level + config management to default or override container + images in workload controllers like Deployments + and StatefulSets." + type: string + imagePullPolicy: + description: + "Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + type: string + lifecycle: + description: + Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. + properties: + postStart: + description: + "PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: + Exec specifies the action + to take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - name: - description: The header field - name + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. type: string - value: - description: The header field - value + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string required: - - name - - value + - port type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - If this is not set, reads from stdin in the - container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single attach. When stdin is true - the stdin stream will remain open across multiple - attach sessions. If stdinOnce is set to true, - stdin is opened on container start, is empty - until the first client attaches to stdin, - and then remains open and accepts data until - the client disconnects, at which time stdin - is closed and remains closed until the container - is restarted. If this flag is false, a container - processes that reads from stdin will never - receive an EOF. Default is false - type: boolean - targetContainerName: - description: "If set, the name of the container - from PodSpec that this ephemeral container - targets. The ephemeral container will be run - in the namespaces (IPC, PID, etc) of this - container. If not set then the ephemeral container - uses the namespaces configured in the Pod - spec. \n The container runtime must implement - support for this feature. If the runtime does - not support namespace targeting then the result - of setting this field is undefined." - type: string - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mounted into the container''s - filesystem. Message written is intended to - be brief final status, such as an assertion - failure message. Will be truncated by the - node if greater than 4096 bytes. The total - message length across all containers will - be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the - container status message on both success and - failure. FallbackToLogsOnError will use the - last chunk of container log output if the - termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Subpath mounts are not allowed - for ephemeral containers. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is - used. This field is beta in 1.10. - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. Defaults to "" (volume's - root). - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. Behaves similarly - to SubPath but environment variable - references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and - SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - If not specified, the container runtime's - default will be used, which might be configured - in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - hostAliases: - description: HostAliases is an optional list of hosts - and IPs that will be injected into the pod's hosts - file if specified. This is only valid for non-hostNetwork - pods. - items: - description: HostAlias holds the mapping between - IP and hostnames that will be injected as an entry - in the pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this pod. - Use the host's network namespace. If this option - is set, the ports that will be used must be specified. - Default to false. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If - not specified, the pod's hostname will be set to - a system-defined value. - type: string - imagePullSecrets: - description: 'ImagePullSecrets is an optional list - of references to secrets in the same namespace to - use for pulling any of the images used by this PodSpec. - If specified, these secrets will be passed to individual - puller implementations for them to use. More info: - https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - items: - description: LocalObjectReference contains enough - information to let you locate the referenced object - inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - type: array - initContainers: - description: 'List of initialization containers belonging - to the pod. Init containers are executed in order - prior to containers being started. If any init container - fails, the pod is considered to have failed and - is handled according to its restartPolicy. The name - for an init container or normal container must be - unique among all containers. Init containers may - not have Lifecycle actions, Readiness probes, Liveness - probes, or Startup probes. The resourceRequirements - of an init container are taken into account during - scheduling by finding the highest request/limit - for each resource type, and then using the max of - of that value or the sum of the normal containers. - Limits are applied to init containers in a similar - fashion. Init containers cannot currently be added - or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: 'Arguments to the entrypoint. The - container image''s CMD is used if this is - not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. - If a variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed - within a shell. The container image''s ENTRYPOINT - is used if this is not provided. Variable - references $(VAR_NAME) are expanded using - the container''s environment. If a variable - cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container - and any service environment variables. - If a variable cannot be resolved, the - reference in the input string will be - unchanged. Double $$ are reduced to - a single $, which allows for escaping - the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + type: object + preStop: + description: + "PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod's termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod's termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: + Exec specifies the action + to take. properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath + command: + description: + Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: + HTTPGet specifies the http + request to perform. properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' + host: + description: + Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the + HTTP server. type: string - divisor: + port: anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace + tcpSocket: + description: + Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. + host: + description: + "Optional: Host name + to connect to, defaults to the + pod IP." type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. The keys defined - within a source must be a C_IDENTIFIER. All - invalid keys will be reported as an event - when the container is starting. When a key - exists in multiple sources, the value associated - with the last source will take precedence. - Values defined by an Env with a duplicate - key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps + livenessProbe: + description: + "Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: + Exec specifies the action to + take. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Container image name. More info: - https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level - config management to default or override container - images in workload controllers like Deployments - and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if - :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and - restarted according to its restart policy. - Other management of the container blocks - until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately - before a container is terminated due to - an API request or management event such - as liveness/startup probe failure, preemption, - resource contention, etc. The handler - is not called if the container crashes - or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination - grace period (unless delayed by finalizers). - Other management of the container blocks - until the hook completes or until the - termination grace period is reached. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the - command is root ('/') in the - container's filesystem. The command - is simply exec'd, it is not run - inside a shell, so traditional - shell instructions ('|', etc) - won't work. To use a shell, you - need to explicitly call out to - that shell. Exit status of 0 is - treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. You - probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is - NOT supported as a LifecycleHandler - and kept for the backward compatibility. - There are no validation of this field - and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. - Container will be restarted if the probe fails. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified + as a DNS_LABEL. Each container in a pod must + have a unique name (DNS_LABEL). Cannot be + updated. + type: string + ports: + description: + List of ports to expose from the + container. Exposing a port here gives the + system additional information about the network + connections a container uses, but is primarily + informational. Not specifying a port here + DOES NOT prevent that port from being exposed. + Any port which is listening on the default + "0.0.0.0" address inside a container will + be accessible from the network. Cannot be + updated. + items: + description: + ContainerPort represents a network + port in a single container. properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. + containerPort: + description: + Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. format: int32 type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. + hostIP: + description: + What host IP to bind the + external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + hostPort: + description: + Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: + If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' + protocol: + default: TCP + description: + Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. Each container in a pod must - have a unique name (DNS_LABEL). Cannot be - updated. - type: string - ports: - description: List of ports to expose from the - container. Exposing a port here gives the - system additional information about the network - connections a container uses, but is primarily - informational. Not specifying a port here - DOES NOT prevent that port from being exposed. - Any port which is listening on the default - "0.0.0.0" address inside a container will - be accessible from the network. Cannot be - updated. - items: - description: ContainerPort represents a network - port in a single container. + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service + readiness. Container will be removed from + service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must - match ContainerPort. Most containers - do not need this. + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. format: int32 type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. Each named port in a pod must have - a unique name. Name for the port that - can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service - readiness. Container will be removed from - service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by + this container. Cannot be updated. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + limits: + additionalProperties: anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: + description: + "Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - securityContext: - description: 'SecurityContext defines the security - options the container should be run with. - If set, the fields of SecurityContext override - the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: - 1) run as Privileged 2) has CAP_SYS_ADMIN - Note that this field cannot be set when - spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. Defaults to the - default set of capabilities granted by - the container runtime. Note that this - field cannot be set when spec.os.name - is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type + description: + "Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security + options the container should be run with. + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: + Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: + procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: + Level is SELinux level + label that applies to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type + role: + description: + Role is a SELinux role + label that applies to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. Processes in privileged containers - are essentially equivalent to root on - the host. Defaults to false. Note that - this field cannot be set when spec.os.name - is windows. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - The default is DefaultProcMount which - uses the container runtime defaults for - readonly paths and masked paths. This - requires the ProcMountType feature flag - to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. Note that this field cannot be - set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. If true, - the Kubelet will validate the image at - runtime to ensure that it does not run - as UID 0 (root) and fail to start the - container if it does. If unset or false, - no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. Defaults to - user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the - container runtime will allocate a random - SELinux context for each container. May - also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. Note that this field - cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. If seccomp options - are provided at both the pod & container - level, the container options override - the pod options. Note that this field - cannot be set when spec.os.name is windows. + type: + description: + Type is a SELinux type + label that applies to the container. + type: string + user: + description: + User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must only be set + if type is "Localhost". + type: string + type: + description: + "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: + HostProcess determines + if a container should be run as a + 'Host Process' container. This field + is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without + the feature flag will result in errors + when validating the Pod. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In + addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the + Pod has successfully initialized. If specified, + no other probes are executed until this completes + successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe + failed. This can be used to provide different + probe parameters at the beginning of a Pod's + lifecycle, when it might take a long time + to load data or warm a cache, than during + steady-state operation. This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: + Exec specifies the action to + take. + properties: + command: + description: + Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving + a GRPC port. This is a beta field and + requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: + Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: + HTTPGet specifies the http + request to perform. + properties: + host: + description: + Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: + Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: + HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: + The header field + name + type: string + value: + description: + The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: + Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: + "Optional: Host name to + connect to, defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file + to which the container's termination message + will be written is mounted into the container's + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block + devices to be used by the container. + items: + description: + volumeDevice describes a mapping + of a raw block device within a container. properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. The profile must - be preconfigured on the node to work. - Must be a descending path, relative - to the kubelet's configured seccomp - profile location. Must only be set - if type is "Localhost". + devicePath: + description: + devicePath is the path inside + of the container that the device will + be mapped to. type: string - type: - description: "type indicates which kind - of seccomp profile will be applied. - Valid options are: \n Localhost - - a profile defined in a file on the - node should be used. RuntimeDefault - - the container runtime default profile - should be used. Unconfined - no profile - should be applied." + name: + description: + name must match the name + of a persistentVolumeClaim in the pod type: string required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. If unspecified, - the options from the PodSecurityContext - will be used. If set in both SecurityContext - and PodSecurityContext, the value specified - in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name - is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. This field - is alpha-level and will only be honored - by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without - the feature flag will result in errors - when validating the Pod. All of a - Pod's containers must have the same - effective HostProcess value (it is - not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In - addition, if HostProcess is true then - HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. Defaults to the user specified - in image metadata if unspecified. - May also be set in PodSecurityContext. - If set in both SecurityContext and - PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the - Pod has successfully initialized. If specified, - no other probes are executed until this completes - successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe - failed. This can be used to provide different - probe parameters at the beginning of a Pod''s - lifecycle, when it might take a long time - to load data or warm a cache, than during - steady-state operation. This cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array + - devicePath + - name type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. Defaults to 3. - Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. This is a beta field and - requires enabling GRPCContainerProbe feature - gate. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: + VolumeMount describes a mounting + of a Volume within a container. properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + mountPath: + description: + Path within the container + at which the volume should be mounted. Must + not contain ':'. type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + mountPropagation: + description: + mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. + name: + description: + This must match the Name + of a Volume. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + readOnly: + description: + Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: + Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the - container has started before liveness - probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. Defaults to 1. Must - be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' + subPathExpr: + description: + Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - mountPath + - name type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. The grace period is - the duration in seconds after the processes - running in the pod are sent a termination - signal and the time when the processes - are forcibly halted with a kill signal. - Set this value longer than the expected - cleanup time for your process. If this - value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value - zero indicates stop immediately via the - kill signal (no opportunity to shut down). - This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - If this is not set, reads from stdin in the - container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single attach. When stdin is true - the stdin stream will remain open across multiple - attach sessions. If stdinOnce is set to true, - stdin is opened on container start, is empty - until the first client attaches to stdin, - and then remains open and accepts data until - the client disconnects, at which time stdin - is closed and remains closed until the container - is restarted. If this flag is false, a container - processes that reads from stdin will never - receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mounted into the container''s - filesystem. Message written is intended to - be brief final status, such as an assertion - failure message. Will be truncated by the - node if greater than 4096 bytes. The total - message length across all containers will - be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the - container status message on both success and - failure. FallbackToLogsOnError will use the - last chunk of container log output if the - termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is - used. This field is beta in 1.10. - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. Defaults to "" (volume's - root). - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. Behaves similarly - to SubPath but environment variable - references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and - SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - If not specified, the container runtime's - default will be used, which might be configured - in the container image. Cannot be updated. + type: array + workingDir: + description: + Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: + NodeName is a request to schedule this + pod onto a specific node. If it is non-empty, the + scheduler simply schedules this pod onto that node, + assuming that it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: + "NodeSelector is a selector which must + be true for the pod to fit on a node. Selector which + must match a node's labels for the pod to be scheduled + on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: object + x-kubernetes-map-type: atomic + os: + description: + "Specifies the OS of the containers in + the pod. Some pod and container fields are restricted + if this is set. \n If the OS field is set to linux, + the following fields must be unset: -securityContext.windowsOptions + \n If the OS field is set to windows, following + fields must be unset: - spec.hostPID - spec.hostIPC + - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile + - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy + - spec.securityContext.sysctls - spec.shareProcessNamespace + - spec.securityContext.runAsUser - spec.securityContext.runAsGroup + - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions + - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities + - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged + - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - + spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup + This is a beta field and requires the IdentifyPodOS + feature" + properties: + name: + description: + "Name is the name of the operating + system. The currently supported values are linux + and windows. Additional value may be defined + in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values + and treat unrecognized values in this field + as os: null" type: string required: - - name + - name type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. If it is non-empty, the - scheduler simply schedules this pod onto that node, - assuming that it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must - be true for the pod to fit on a node. Selector which - must match a node''s labels for the pod to be scheduled - on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - x-kubernetes-map-type: atomic - os: - description: "Specifies the OS of the containers in - the pod. Some pod and container fields are restricted - if this is set. \n If the OS field is set to linux, - the following fields must be unset: -securityContext.windowsOptions - \n If the OS field is set to windows, following - fields must be unset: - spec.hostPID - spec.hostIPC - - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - - spec.securityContext.sysctls - spec.shareProcessNamespace - - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - - spec.containers[*].securityContext.seccompProfile - - spec.containers[*].securityContext.capabilities - - spec.containers[*].securityContext.readOnlyRootFilesystem - - spec.containers[*].securityContext.privileged - - spec.containers[*].securityContext.allowPrivilegeEscalation - - spec.containers[*].securityContext.procMount - - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup - This is a beta field and requires the IdentifyPodOS - feature" - properties: - name: - description: 'Name is the name of the operating - system. The currently supported values are linux - and windows. Additional value may be defined - in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration - Clients should expect to handle additional values - and treat unrecognized values in this field - as os: null' - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - This field will be autopopulated at admission time - by the RuntimeClass admission controller. If the - RuntimeClass admission controller is enabled, overhead - must not be set in Pod create requests. The RuntimeClass - admission controller will reject Pod create requests - which have the overhead already set. If RuntimeClass - is configured and selected in the PodSpec, Overhead - will be set to the value defined in the corresponding - RuntimeClass, otherwise it will remain unset and - treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. One of Never, PreemptLowerPriority. - Defaults to PreemptLowerPriority if unset. - type: string - priority: - description: The priority value. Various system components - use this field to find the priority of the pod. - When Priority Admission Controller is enabled, it - prevents users from setting this field. The admission - controller populates this field from PriorityClassName. - The higher the value, the higher the priority. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - "system-node-critical" and "system-cluster-critical" - are two special keywords which indicate the highest - priorities with the former being the highest priority. - Any other name must be defined by creating a PriorityClass - object with that name. If not specified, the pod - priority will be default or zero if there is no - default. - type: string - readinessGates: - description: 'If specified, all readiness gates will - be evaluated for pod readiness. A pod is ready when - all its containers are ready AND all conditions - specified in the readiness gates have status equal - to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching - type. - type: string - required: - - conditionType + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Overhead represents the resource overhead + associated with running a pod for a given RuntimeClass. + This field will be autopopulated at admission time + by the RuntimeClass admission controller. If the + RuntimeClass admission controller is enabled, overhead + must not be set in Pod create requests. The RuntimeClass + admission controller will reject Pod create requests + which have the overhead already set. If RuntimeClass + is configured and selected in the PodSpec, Overhead + will be set to the value defined in the corresponding + RuntimeClass, otherwise it will remain unset and + treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md" type: object - type: array - restartPolicy: - description: 'Restart policy for all containers within - the pod. One of Always, OnFailure, Never. Default - to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' - type: string - runtimeClassName: - description: 'RuntimeClassName refers to a RuntimeClass - object in the node.k8s.io group, which should be - used to run this pod. If no RuntimeClass resource - matches the named class, the pod will not be run. - If unset or empty, the "legacy" RuntimeClass will - be used, which is an implicit class with an empty - definition that uses the default runtime handler. - More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. If not specified, the pod - will be dispatched by default scheduler. - type: string - securityContext: - description: 'SecurityContext holds pod-level security - attributes and common container settings. Optional: - Defaults to empty. See type description for default - values of each field.' - properties: - fsGroup: - description: "A special supplemental group that - applies to all containers in a pod. Some volume - types allow the Kubelet to change the ownership - of that volume to be owned by the pod: \n 1. - The owning GID will be the FSGroup 2. The setgid - bit is set (new files created in the volume - will be owned by FSGroup) 3. The permission - bits are OR'd with rw-rw---- \n If unset, the - Kubelet will not modify the ownership and permissions - of any volume. Note that this field cannot be - set when spec.os.name is windows." - format: int64 - type: integer - fsGroupChangePolicy: - description: 'fsGroupChangePolicy defines behavior - of changing ownership and permission of the - volume before being exposed inside Pod. This - field will only apply to volume types which - support fsGroup based ownership(and permissions). - It will have no effect on ephemeral volume types - such as: secret, configmaps and emptydir. Valid - values are "OnRootMismatch" and "Always". If - not specified, "Always" is used. Note that this - field cannot be set when spec.os.name is windows.' - type: string - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence for that container. Note that this - field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure - that it does not run as UID 0 (root) and fail - to start the container if it does. If unset - or false, no such validation will be performed. - May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. Defaults to user specified - in image metadata if unspecified. May also be - set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified - in SecurityContext takes precedence for that - container. Note that this field cannot be set - when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to all containers. If unspecified, the container - runtime will allocate a random SELinux context - for each container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence for that container. Note that this - field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the - containers in this pod. Note that this field - cannot be set when spec.os.name is windows. + preemptionPolicy: + description: + PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. + type: string + priority: + description: + The priority value. Various system components + use this field to find the priority of the pod. + When Priority Admission Controller is enabled, it + prevents users from setting this field. The admission + controller populates this field from PriorityClassName. + The higher the value, the higher the priority. + format: int32 + type: integer + priorityClassName: + description: + If specified, indicates the pod's priority. + "system-node-critical" and "system-cluster-critical" + are two special keywords which indicate the highest + priorities with the former being the highest priority. + Any other name must be defined by creating a PriorityClass + object with that name. If not specified, the pod + priority will be default or zero if there is no + default. + type: string + readinessGates: + description: + 'If specified, all readiness gates will + be evaluated for pod readiness. A pod is ready when + all its containers are ready AND all conditions + specified in the readiness gates have status equal + to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: + PodReadinessGate contains the reference + to a pod condition properties: - localhostProfile: - description: localhostProfile indicates a - profile defined in a file on the node should - be used. The profile must be preconfigured - on the node to work. Must be a descending - path, relative to the kubelet's configured - seccomp profile location. Must only be set - if type is "Localhost". - type: string - type: - description: "type indicates which kind of - seccomp profile will be applied. Valid options - are: \n Localhost - a profile defined in - a file on the node should be used. RuntimeDefault - - the container runtime default profile - should be used. Unconfined - no profile - should be applied." + conditionType: + description: + ConditionType refers to a condition + in the pod's condition list with matching + type. type: string required: - - type - type: object - supplementalGroups: - description: A list of groups applied to the first - process run in each container, in addition to - the container's primary GID. If unspecified, - no groups will be added to any container. Note - that this field cannot be set when spec.os.name - is windows. - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced - sysctls used for the pod. Pods with unsupported - sysctls (by the container runtime) might fail - to launch. Note that this field cannot be set - when spec.os.name is windows. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options - within a container's SecurityContext will be - used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be set - when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the - GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - This field is alpha-level and will only - be honored by components that enable the - WindowsHostProcessContainers feature flag. - Setting this field without the feature flag - will result in errors when validating the - Pod. All of a Pod's containers must have - the same effective HostProcess value (it - is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run - the entrypoint of the container process. - Defaults to the user specified in image - metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: string + - conditionType type: object - type: object - serviceAccount: - description: 'DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. Deprecated: Use serviceAccountName - instead.' - type: string - serviceAccountName: - description: 'ServiceAccountName is the name of the - ServiceAccount to use to run this pod. More info: - https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the - default). In Linux containers, this means setting - the FQDN in the hostname field of the kernel (the - nodename field of struct utsname). In Windows containers, - this means setting the registry value of hostname - for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters - to FQDN. If a pod does not have FQDN, this has no - effect. Default to false. - type: boolean - shareProcessNamespace: - description: 'Share a single process namespace between - all of the containers in a pod. When this is set - containers will be able to view and signal processes - from other containers in the same pod, and the first - process in each container will not be assigned PID - 1. HostPID and ShareProcessNamespace cannot both - be set. Optional: Default to false.' - type: boolean - subdomain: - description: If specified, the fully qualified Pod - hostname will be "...svc.". If not specified, the pod will not have - a domainname at all. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully. May be decreased - in delete request. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). If this - value is nil, the default grace period will be used - instead. The grace period is the duration in seconds - after the processes running in the pod are sent - a termination signal and the time when the processes - are forcibly halted with a kill signal. Set this - value longer than the expected cleanup time for - your process. Defaults to 30 seconds. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - using the matching operator - . + type: array + restartPolicy: + description: + "Restart policy for all containers within + the pod. One of Always, OnFailure, Never. Default + to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" + type: string + runtimeClassName: + description: + 'RuntimeClassName refers to a RuntimeClass + object in the node.k8s.io group, which should be + used to run this pod. If no RuntimeClass resource + matches the named class, the pod will not be run. + If unset or empty, the "legacy" RuntimeClass will + be used, which is an implicit class with an empty + definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + type: string + schedulerName: + description: + If specified, the pod will be dispatched + by specified scheduler. If not specified, the pod + will be dispatched by default scheduler. + type: string + securityContext: + description: + "SecurityContext holds pod-level security + attributes and common container settings. Optional: + Defaults to empty. See type description for default + values of each field." properties: - effect: - description: Effect indicates the taint effect - to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, - PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; - this combination means to match all values - and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and - Equal. Defaults to Equal. Exists is equivalent - to wildcard for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the - period of time the toleration (which must - be of effect NoExecute, otherwise this field - is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint - forever (do not evict). Zero and negative - values will be treated as 0 (evict immediately) - by the system. + fsGroup: + description: + "A special supplemental group that + applies to all containers in a pod. Some volume + types allow the Kubelet to change the ownership + of that volume to be owned by the pod: \n 1. + The owning GID will be the FSGroup 2. The setgid + bit is set (new files created in the volume + will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the + Kubelet will not modify the ownership and permissions + of any volume. Note that this field cannot be + set when spec.os.name is windows." format: int64 type: integer - value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the - value should be empty, otherwise just a regular - string. + fsGroupChangePolicy: + description: + 'fsGroupChangePolicy defines behavior + of changing ownership and permission of the + volume before being exposed inside Pod. This + field will only apply to volume types which + support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types + such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If + not specified, "Always" is used. Note that this + field cannot be set when spec.os.name is windows.' type: string - type: object - type: array - topologySpreadConstraints: - description: TopologySpreadConstraints describes how - a group of pods ought to spread across topology - domains. Scheduler will schedule pods in a way which - abides by the constraints. All topologySpreadConstraints - are ANDed. - items: - description: TopologySpreadConstraint specifies - how to spread matching pods among the given topology. - properties: - labelSelector: - description: LabelSelector is used to find matching - pods. Pods that match this label selector - are counted to determine the number of pods - in their corresponding topology domain. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - maxSkew: - description: 'MaxSkew describes the degree to - which pods may be unevenly distributed. When - `whenUnsatisfiable=DoNotSchedule`, it is the - maximum permitted difference between the number - of matching pods in the target topology and - the global minimum. The global minimum is - the minimum number of matching pods in an - eligible domain or zero if the number of eligible - domains is less than MinDomains. For example, - in a 3-zone cluster, MaxSkew is set to 1, - and pods with the same labelSelector spread - as 2/2/1: In this case, the global minimum - is 1. | zone1 | zone2 | zone3 | | P P | P - P | P | - if MaxSkew is 1, incoming pod - can only be scheduled to zone3 to become 2/2/2; - scheduling it onto zone1(zone2) would make - the ActualSkew(3-1) on zone1(zone2) violate - MaxSkew(1). - if MaxSkew is 2, incoming pod - can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies - that satisfy it. It''s a required field. Default - value is 1 and 0 is not allowed.' - format: int32 + runAsGroup: + description: + The GID to run the entrypoint of + the container process. Uses runtime default + if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 type: integer - minDomains: - description: "MinDomains indicates a minimum - number of eligible domains. When the number - of eligible domains with matching topology - keys is less than minDomains, Pod Topology - Spread treats \"global minimum\" as 0, and - then the calculation of Skew is performed. - And when the number of eligible domains with - matching topology keys equals or greater than - minDomains, this value has no effect on scheduling. - As a result, when the number of eligible domains - is less than minDomains, scheduler won't schedule - more than maxSkew Pods to those domains. If - value is nil, the constraint behaves as if - MinDomains is equal to 1. Valid values are - integers greater than 0. When value is not - nil, WhenUnsatisfiable must be DoNotSchedule. - \n For example, in a 3-zone cluster, MaxSkew - is set to 2, MinDomains is set to 5 and pods - with the same labelSelector spread as 2/2/2: - | zone1 | zone2 | zone3 | | P P | P P | - \ P P | The number of domains is less than - 5(MinDomains), so \"global minimum\" is treated - as 0. In this situation, new pod with the - same labelSelector cannot be scheduled, because - computed skew will be 3(3 - 0) if new Pod - is scheduled to any of the three zones, it - will violate MaxSkew. \n This is an alpha - field and requires enabling MinDomainsInPodTopologySpread - feature gate." - format: int32 + runAsNonRoot: + description: + Indicates that the container must + run as a non-root user. If true, the Kubelet + will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail + to start the container if it does. If unset + or false, no such validation will be performed. + May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of + the container process. Defaults to user specified + in image metadata if unspecified. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence for that + container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 type: integer - topologyKey: - description: TopologyKey is the key of node - labels. Nodes that have a label with this - key and identical values are considered to - be in the same topology. We consider each - as a "bucket", and try to put - balanced number of pods into each bucket. - We define a domain as a particular instance - of a topology. Also, we define an eligible - domain as a domain whose nodes match the node - selector. e.g. If TopologyKey is "kubernetes.io/hostname", - each Node is a domain of that topology. And, - if TopologyKey is "topology.kubernetes.io/zone", - each zone is a domain of that topology. It's - a required field. - type: string - whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how - to deal with a pod if it doesn''t satisfy - the spread constraint. - DoNotSchedule (default) - tells the scheduler not to schedule it. - - ScheduleAnyway tells the scheduler to schedule - the pod in any location, but giving higher - precedence to topologies that would help reduce - the skew. A constraint is considered "Unsatisfiable" - for an incoming pod if and only if every possible - node assignment for that pod would violate - "MaxSkew" on some topology. For example, in - a 3-zone cluster, MaxSkew is set to 1, and - pods with the same labelSelector spread as - 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | - If WhenUnsatisfiable is set to DoNotSchedule, - incoming pod can only be scheduled to zone2(zone3) - to become 3/2/1(3/1/2) as ActualSkew(2-1) - on zone2(zone3) satisfies MaxSkew(1). In other - words, the cluster can still be imbalanced, - but scheduler won''t make it *more* imbalanced. - It''s a required field.' - type: string - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - type: array - x-kubernetes-list-map-keys: - - topologyKey - - whenUnsatisfiable - x-kubernetes-list-type: map - volumes: - description: 'List of volumes that can be mounted - by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - items: - description: Volume represents a named volume in - a pod that may be accessed by any container in - the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents - an AWS Disk resource that is attached to a - kubelet''s host machine and then exposed to - the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - partition: - description: 'partition is the partition - in the volume that you want to mount. - If omitted, the default is to mount by - volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" - (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force - the readOnly setting in VolumeMounts. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the - persistent disk resource in AWS (Amazon - EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data - Disk mount on the host and bind mount to the - pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the - data disk in the blob storage - type: string - diskURI: - description: diskURI is the URI of data - disk in the blob storage - type: string - fsType: - description: fsType is Filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed - availability set). defaults to shared' - type: string - readOnly: - description: readOnly Defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File - Service mount on the host and bind mount to - the pod. + seLinuxOptions: + description: + The SELinux context to be applied + to all containers. If unspecified, the container + runtime will allocate a random SELinux context + for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence for that container. Note that this + field cannot be set when spec.os.name is windows. properties: - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of - secret that contains Azure Storage Account - Name and Key + level: + description: + Level is SELinux level label + that applies to the container. type: string - shareName: - description: shareName is the azure share - Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount - on the host that shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors - is a collection of Ceph monitors More - info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'path is Optional: Used as - the mounted root, rather than the full - Ceph tree, default is /' + role: + description: + Role is a SELinux role label + that applies to the container. type: string - readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: + description: + Type is a SELinux type label + that applies to the container. type: string - secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret - for User, default is empty. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object user: - description: 'user is optional: User is - the rados user name, default is admin - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: + User is a SELinux user label + that applies to the container. type: string - required: - - monitors type: object - cinder: - description: 'cinder represents a cinder volume - attached and mounted on kubelets host machine. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + seccompProfile: + description: + The seccomp options to use by the + containers in this pod. Note that this field + cannot be set when spec.os.name is windows. properties: - fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' + localhostProfile: + description: + localhostProfile indicates a + profile defined in a file on the node should + be used. The profile must be preconfigured + on the node to work. Must be a descending + path, relative to the kubelet's configured + seccomp profile location. Must only be set + if type is "Localhost". type: string - readOnly: - description: 'readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points - to a secret object containing parameters - used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - volumeID: - description: 'volumeID used to identify - the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: + description: + "type indicates which kind of + seccomp profile will be applied. Valid options + are: \n Localhost - a profile defined in + a file on the node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." type: string required: - - volumeID - type: object - configMap: - description: configMap represents a configMap - that should populate this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode - bits used to set permissions on created - files by default. Must be an octal value - between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. - Directories within the path are not affected - by this setting. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: optional specify whether the - ConfigMap or its keys must be defined - type: boolean + - type type: object - csi: - description: csi (Container Storage Interface) - represents ephemeral storage that is handled - by certain external CSI drivers (Beta feature). + supplementalGroups: + description: + A list of groups applied to the first + process run in each container, in addition to + the container's primary GID. If unspecified, + no groups will be added to any container. Note + that this field cannot be set when spec.os.name + is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: + Sysctls hold a list of namespaced + sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail + to launch. Note that this field cannot be set + when spec.os.name is windows. + items: + description: + Sysctl defines a kernel parameter + to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: + The Windows specific settings applied + to all containers. If unspecified, the options + within a container's SecurityContext will be + used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be set + when spec.os.name is linux. properties: - driver: - description: driver is the name of the CSI - driver that handles this volume. Consult - with your admin for the correct name as - registered in the cluster. + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. type: string - fsType: - description: fsType to mount. Ex. "ext4", - "xfs", "ntfs". If not provided, the empty - value is passed to the associated CSI - driver which will determine the default - filesystem to apply. + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the + name of the GMSA credential spec to use. type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver - to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field - is optional, and may be empty if no secret - is required. If the secret object contains - more than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults - to false (read/write). + hostProcess: + description: + HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only + be honored by components that enable the + WindowsHostProcessContainers feature flag. + Setting this field without the feature flag + will result in errors when validating the + Pod. All of a Pod's containers must have + the same effective HostProcess value (it + is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean - volumeAttributes: - additionalProperties: - type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI - driver. Consult your driver's documentation - for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward - API about the pod that should populate this - volume - properties: - defaultMode: - description: 'Optional: mode bits to use - on created files by default. Must be a - Optional: mode bits used to set permissions - on created files by default. Must be an - octal value between 0000 and 0777 or a - decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: Items is a list of downward - API volume file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary - directory that shares a pod''s lifetime. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type - of storage medium should back this directory. - The default is "" which means to use the - node''s default medium. Must be an empty - string (default) or Memory. More info: - https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + runAsUserName: + description: + The UserName in Windows to run + the entrypoint of the container process. + Defaults to the user specified in image + metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount - of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on - memory medium EmptyDir would be the minimum - value between the SizeLimit specified - here and the sum of memory limits of all - containers in a pod. The default is nil - which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true type: object - ephemeral: - description: "ephemeral represents a volume - that is handled by a cluster storage driver. - The volume's lifecycle is tied to the pod - that defines it - it will be created before - the pod starts, and deleted when the pod is - removed. \n Use this if: a) the volume is - only needed while the pod runs, b) features - of normal volumes like restoring from snapshot - or capacity tracking are needed, c) the - storage driver is specified through a storage - class, and d) the storage driver supports - dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information - on the connection between this volume type - \ and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes - that persist for longer than the lifecycle - of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver - is meant to be used that way - see the documentation - of the driver for more information. \n A pod - can use both types of ephemeral volumes and - persistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in - which this EphemeralVolumeSource is embedded - will be the owner of the PVC, i.e. the - PVC will be deleted together with the - pod. The name of the PVC will be `-` where `` - is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject - the pod if the concatenated name is not - valid for a PVC (for example, too long). - \n An existing PVC with that name that - is not owned by the pod will *not* be - used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is - then blocked until the unrelated PVC is - removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has - to updated with an owner reference to - the pod once the pod exists. Normally - this should not be necessary, but it may - be useful when manually reconstructing - a broken cluster. \n This field is read-only - and no changes will be made by Kubernetes - to the PVC after it has been created. - \n Required, must not be nil." - properties: - metadata: - description: May contain labels and - annotations that will be copied into - the PVC when creating it. No other - fields are allowed and will be rejected - during validation. - type: object - spec: - description: The specification for the - PersistentVolumeClaim. The entire - content is copied unchanged into the - PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. + type: object + serviceAccount: + description: + "DeprecatedServiceAccount is a depreciated + alias for ServiceAccountName. Deprecated: Use serviceAccountName + instead." + type: string + serviceAccountName: + description: + "ServiceAccountName is the name of the + ServiceAccount to use to run this pod. More info: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" + type: string + setHostnameAsFQDN: + description: + If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the + default). In Linux containers, this means setting + the FQDN in the hostname field of the kernel (the + nodename field of struct utsname). In Windows containers, + this means setting the registry value of hostname + for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no + effect. Default to false. + type: boolean + shareProcessNamespace: + description: + "Share a single process namespace between + all of the containers in a pod. When this is set + containers will be able to view and signal processes + from other containers in the same pod, and the first + process in each container will not be assigned PID + 1. HostPID and ShareProcessNamespace cannot both + be set. Optional: Default to false." + type: boolean + subdomain: + description: + If specified, the fully qualified Pod + hostname will be "...svc.". If not specified, the pod will not have + a domainname at all. + type: string + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod + needs to terminate gracefully. May be decreased + in delete request. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). If this + value is nil, the default grace period will be used + instead. The grace period is the duration in seconds + after the processes running in the pod are sent + a termination signal and the time when the processes + are forcibly halted with a kill signal. Set this + value longer than the expected cleanup time for + your process. Defaults to 30 seconds. + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: + The pod this Toleration is attached + to tolerates any taint that matches the triple + using the matching operator + . + properties: + effect: + description: + Effect indicates the taint effect + to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration + applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; + this combination means to match all values + and all keys. + type: string + operator: + description: + Operator represents a key's relationship + to the value. Valid operators are Exists and + Equal. Defaults to Equal. Exists is equivalent + to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the + period of time the toleration (which must + be of effect NoExecute, otherwise this field + is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint + forever (do not evict). Zero and negative + values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration + matches to. If the operator is Exists, the + value should be empty, otherwise just a regular + string. + type: string + type: object + type: array + topologySpreadConstraints: + description: + TopologySpreadConstraints describes how + a group of pods ought to spread across topology + domains. Scheduler will schedule pods in a way which + abides by the constraints. All topologySpreadConstraints + are ANDed. + items: + description: + TopologySpreadConstraint specifies + how to spread matching pods among the given topology. + properties: + labelSelector: + description: + LabelSelector is used to find matching + pods. Pods that match this label selector + are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. properties: - accessModes: - description: 'accessModes contains - the desired access modes the volume - should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. items: type: string type: array - dataSource: - description: 'dataSource field can - be used to specify either: * An - existing VolumeSnapshot object - (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external - controller can support the specified - data source, it will create a - new volume based on the contents - of the specified data source. - If the AnyVolumeDataSource feature - gate is enabled, this field will - always have the same contents - as the DataSourceRef field.' - properties: - apiGroup: - description: APIGroup is the - group for the resource being - referenced. If APIGroup is - not specified, the specified - Kind must be in the core API - group. For any other third-party - types, APIGroup is required. - type: string - kind: - description: Kind is the type - of resource being referenced - type: string - name: - description: Name is the name - of resource being referenced - type: string - required: - - kind - - name - type: object - dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be - any local object from a non-empty - API group (non core object) or - a PersistentVolumeClaim object. - When this field is specified, - volume binding will only succeed - if the type of the specified object - matches some installed volume - populator or dynamic provisioner. - This field will replace the functionality - of the DataSource field and as - such if both fields are non-empty, - they must have the same value. - For backwards compatibility, both - fields (DataSource and DataSourceRef) - will be set to the same value - automatically if one of them is - empty and the other is non-empty. - There are two important differences - between DataSource and DataSourceRef: - * While DataSource only allows - two specific types of objects, - DataSourceRef allows any non-core - object, as well as PersistentVolumeClaim - objects. * While DataSource ignores - disallowed values (dropping them), - DataSourceRef preserves all - values, and generates an error - if a disallowed value is specified. - (Beta) Using this field requires - the AnyVolumeDataSource feature - gate to be enabled.' - properties: - apiGroup: - description: APIGroup is the - group for the resource being - referenced. If APIGroup is - not specified, the specified - Kind must be in the core API - group. For any other third-party - types, APIGroup is required. - type: string - kind: - description: Kind is the type - of resource being referenced - type: string - name: - description: Name is the name - of resource being referenced - type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents - the minimum resources the volume - should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements - that are lower than previous value - but must still be higher than - capacity recorded in the status - field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes - the maximum amount of compute - resources allowed. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes - the minimum amount of compute - resources required. If Requests - is omitted for a container, - it defaults to Limits if that - is explicitly specified, otherwise - to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label - query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - type: object - storageClassName: - description: 'storageClassName is - the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines - what type of volume is required - by the claim. Value of Filesystem - is implied when not included in - claim spec. - type: string - volumeName: - description: volumeName is the binding - reference to the PersistentVolume - backing this claim. - type: string + required: + - key + - operator type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine - and then exposed to the pod. - properties: - fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. TODO: how do - we prevent errors in the filesystem from - compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target - lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC - target worldwide names (WWNs)' - items: + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: + "MaxSkew describes the degree to + which pods may be unevenly distributed. When + `whenUnsatisfiable=DoNotSchedule`, it is the + maximum permitted difference between the number + of matching pods in the target topology and + the global minimum. The global minimum is + the minimum number of matching pods in an + eligible domain or zero if the number of eligible + domains is less than MinDomains. For example, + in a 3-zone cluster, MaxSkew is set to 1, + and pods with the same labelSelector spread + as 2/2/1: In this case, the global minimum + is 1. | zone1 | zone2 | zone3 | | P P | P + P | P | - if MaxSkew is 1, incoming pod + can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make + the ActualSkew(3-1) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod + can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It's a required field. Default + value is 1 and 0 is not allowed." + format: int32 + type: integer + minDomains: + description: + "MinDomains indicates a minimum + number of eligible domains. When the number + of eligible domains with matching topology + keys is less than minDomains, Pod Topology + Spread treats \"global minimum\" as 0, and + then the calculation of Skew is performed. + And when the number of eligible domains with + matching topology keys equals or greater than + minDomains, this value has no effect on scheduling. + As a result, when the number of eligible domains + is less than minDomains, scheduler won't schedule + more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if + MinDomains is equal to 1. Valid values are + integers greater than 0. When value is not + nil, WhenUnsatisfiable must be DoNotSchedule. + \n For example, in a 3-zone cluster, MaxSkew + is set to 2, MinDomains is set to 5 and pods + with the same labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | | P P | P P | + \ P P | The number of domains is less than + 5(MinDomains), so \"global minimum\" is treated + as 0. In this situation, new pod with the + same labelSelector cannot be scheduled, because + computed skew will be 3(3 - 0) if new Pod + is scheduled to any of the three zones, it + will violate MaxSkew. \n This is an alpha + field and requires enabling MinDomainsInPodTopologySpread + feature gate." + format: int32 + type: integer + topologyKey: + description: + TopologyKey is the key of node + labels. Nodes that have a label with this + key and identical values are considered to + be in the same topology. We consider each + as a "bucket", and try to put + balanced number of pods into each bucket. + We define a domain as a particular instance + of a topology. Also, we define an eligible + domain as a domain whose nodes match the node + selector. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, + if TopologyKey is "topology.kubernetes.io/zone", + each zone is a domain of that topology. It's + a required field. + type: string + whenUnsatisfiable: + description: + 'WhenUnsatisfiable indicates how + to deal with a pod if it doesn''t satisfy + the spread constraint. - DoNotSchedule (default) + tells the scheduler not to schedule it. - + ScheduleAnyway tells the scheduler to schedule + the pod in any location, but giving higher + precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate + "MaxSkew" on some topology. For example, in + a 3-zone cluster, MaxSkew is set to 1, and + pods with the same labelSelector spread as + 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) + on zone2(zone3) satisfies MaxSkew(1). In other + words, the cluster can still be imbalanced, + but scheduler won''t make it *more* imbalanced. + It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + description: + "List of volumes that can be mounted + by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes" + items: + description: + Volume represents a named volume in + a pod that may be accessed by any container in + the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents + an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to + the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + properties: + fsType: + description: + 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string - type: array - wwids: - description: 'wwids Optional: FC volume - world wide identifiers (wwids) Either - wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: + partition: + description: + 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: + "readOnly value true will force + the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: boolean + volumeID: + description: + "volumeID is unique ID of the + persistent disk resource in AWS (Amazon + EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic - volume resource that is provisioned/attached - using an exec based plugin. - properties: - driver: - description: driver is the name of the driver - to use for this volume. - type: string - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem - depends on FlexVolume script. - type: string - options: - additionalProperties: + required: + - volumeID + type: object + azureDisk: + description: + azureDisk represents an Azure Data + Disk mount on the host and bind mount to the + pod. + properties: + cachingMode: + description: + "cachingMode is the Host Caching + mode: None, Read Only, Read Write." type: string - description: 'options is Optional: this - field holds extra command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret - object is specified. If the secret object - contains more than one secret, all secrets - are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + diskName: + description: + diskName is the Name of the + data disk in the blob storage + type: string + diskURI: + description: + diskURI is the URI of data + disk in the blob storage + type: string + fsType: + description: + fsType is Filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + kind: + description: + "kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed + availability set). defaults to shared" + type: string + readOnly: + description: + readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: + azureFile represents an Azure File + Service mount on the host and bind mount to + the pod. + properties: + readOnly: + description: + readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: + secretName is the name of + secret that contains Azure Storage Account + Name and Key + type: string + shareName: + description: + shareName is the azure share + Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: + cephFS represents a Ceph FS mount + on the host that shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors + is a collection of Ceph monitors More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume - attached to a kubelet's host machine. This - depends on the Flocker control service being - running - properties: - datasetName: - description: datasetName is Name of the - dataset stored as metadata -> name on - the dataset for Flocker should be considered - as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of - the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a - GCE Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - partition: - description: 'partition is the partition - in the volume that you want to mount. - If omitted, the default is to mount by - volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" - (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the - PD resource in GCE. Used to identify the - disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with - a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' - properties: - directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory - will be the git repository. Otherwise, - if specified, the volume will contain - the git repository in the subdirectory - with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash - for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. Defaults to false. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to the container. This - is generally used for system agents or other - privileged things that are allowed to see - the host machine. Most containers will NOT - need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who - can use host directory mounts and who can/can - not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the - host. If the path is a symlink, it will - follow the link to the real path. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk - resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether - support iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom - iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, - new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified - Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target - Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target - Portal List. The portal is either an IP - or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). + type: array + path: + description: + "path is Optional: Used as + the mounted root, rather than the full + Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + user: + description: + "user is optional: User is + the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume + attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points + to a secret object containing parameters + used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + volumeID: + description: + "volumeID used to identify + the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: string + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set." + format: int32 + type: integer items: + description: + items if unspecified, each + key-value pair in the Data field of the + referenced ConfigMap will be projected + into the volume as a file whose name is + the key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or start + with '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" type: string - type: array - readOnly: - description: readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret - for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + optional: + description: + optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) + represents ephemeral storage that is handled + by certain external CSI drivers (Beta feature). + properties: + driver: + description: + driver is the name of the CSI + driver that handles this volume. Consult + with your admin for the correct name as + registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty + value is passed to the associated CSI + driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver + to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field + is optional, and may be empty if no secret + is required. If the secret object contains + more than one secret, all secret references + are passed. + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + readOnly: + description: + readOnly specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target - Portal. The Portal is either an IP or - ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a - DNS_LABEL and unique within the pod. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on - the host that shares a pod''s lifetime More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a - PersistentVolumeClaim in the same namespace - as the pod using this volume. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - pdID: - description: pdID is the ID that identifies - Photon Controller persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type - supported by the host operating system. - Ex. "ext4", "xfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one - resources secrets, configmaps, and downward - API - properties: - defaultMode: - description: defaultMode are the mode bits - used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set. - format: int32 - type: integer - sources: - description: sources is the list of volume - projections + description: + volumeAttributes stores driver-specific + properties that are passed to the CSI + driver. Consult your driver's documentation + for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward + API about the pod that should populate this + volume + properties: + defaultMode: + description: + "Optional: mode bits to use + on created files by default. Must be a + Optional: mode bits used to set permissions + on created files by default. Must be an + octal value between 0000 and 0777 or a + decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set." + format: int32 + type: integer items: - description: Projection that may be projected - along with other supported volume types + description: + Items is a list of downward + API volume file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a + field of the pod: only annotations, + labels, name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the + relative path name of the file to + be created. Must not be absolute + or contain the '..' path. Must + be utf-8 encoded. The first item + of the relative path must not start + with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: + required for volumes, optional + for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary + directory that shares a pod's lifetime. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type + of storage medium should back this directory. + The default is "" which means to use the + node''s default medium. Must be an empty + string (default) or Memory. More info: + https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on + memory medium EmptyDir would be the minimum + value between the SizeLimit specified + here and the sum of memory limits of all + containers in a pod. The default is nil + which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume + that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod + that defines it - it will be created before + the pod starts, and deleted when the pod is + removed. \n Use this if: a) the volume is + only needed while the pod runs, b) features + of normal volumes like restoring from snapshot + or capacity tracking are needed, c) the + storage driver is specified through a storage + class, and d) the storage driver supports + dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information + on the connection between this volume type + \ and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes + that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation + of the driver for more information. \n A pod + can use both types of ephemeral volumes and + persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone + PVC to provision the volume. The pod in + which this EphemeralVolumeSource is embedded + will be the owner of the PVC, i.e. the + PVC will be deleted together with the + pod. The name of the PVC will be `-` where `` + is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject + the pod if the concatenated name is not + valid for a PVC (for example, too long). + \n An existing PVC with that name that + is not owned by the pod will *not* be + used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is + then blocked until the unrelated PVC is + removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has + to updated with an owner reference to + the pod once the pod exists. Normally + this should not be necessary, but it may + be useful when manually reconstructing + a broken cluster. \n This field is read-only + and no changes will be made by Kubernetes + to the PVC after it has been created. + \n Required, must not be nil." properties: - configMap: - description: configMap information - about the configMap data to project - properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the ConfigMap, the volume - setup will error unless it is - marked optional. Paths must - be relative and may not contain - the '..' path or start with - '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' - type: string - optional: - description: optional specify - whether the ConfigMap or its - keys must be defined - type: boolean + metadata: + description: + May contain labels and + annotations that will be copied into + the PVC when creating it. No other + fields are allowed and will be rejected + during validation. type: object - downwardAPI: - description: downwardAPI information - about the downwardAPI data to project + spec: + description: + The specification for the + PersistentVolumeClaim. The entire + content is copied unchanged into the + PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. properties: - items: - description: Items is a list of - DownwardAPIVolume file + accessModes: + description: + "accessModes contains + the desired access modes the volume + should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' + type: string + type: array + dataSource: + description: + "dataSource field can + be used to specify either: * An + existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external + controller can support the specified + data source, it will create a + new volume based on the contents + of the specified data source. + If the AnyVolumeDataSource feature + gate is enabled, this field will + always have the same contents + as the DataSourceRef field." + properties: + apiGroup: + description: + APIGroup is the + group for the resource being + referenced. If APIGroup is + not specified, the specified + Kind must be in the core API + group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: + Kind is the type + of resource being referenced + type: string + name: + description: + Name is the name + of resource being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies + the object from which to populate + the volume with data, if a non-empty + volume is desired. This may be + any local object from a non-empty + API group (non core object) or + a PersistentVolumeClaim object. + When this field is specified, + volume binding will only succeed + if the type of the specified object + matches some installed volume + populator or dynamic provisioner. + This field will replace the functionality + of the DataSource field and as + such if both fields are non-empty, + they must have the same value. + For backwards compatibility, both + fields (DataSource and DataSourceRef) + will be set to the same value + automatically if one of them is + empty and the other is non-empty. + There are two important differences + between DataSource and DataSourceRef: + * While DataSource only allows + two specific types of objects, + DataSourceRef allows any non-core + object, as well as PersistentVolumeClaim + objects. * While DataSource ignores + disallowed values (dropping them), + DataSourceRef preserves all + values, and generates an error + if a disallowed value is specified. + (Beta) Using this field requires + the AnyVolumeDataSource feature + gate to be enabled." + properties: + apiGroup: + description: + APIGroup is the + group for the resource being + referenced. If APIGroup is + not specified, the specified + Kind must be in the core API + group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: + Kind is the type + of resource being referenced + type: string + name: + description: + Name is the name + of resource being referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents + the minimum resources the volume + should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements + that are lower than previous value + but must still be higher than + capacity recorded in the status + field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes + the maximum amount of compute + resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label + query over volumes to consider + for binding. + properties: + matchExpressions: + description: + matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: + A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". + key: + description: + key is the + label key that the selector + applies to. type: string - fieldPath: - description: Path of - the field to select - in the specified API - version. + operator: + description: + operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. type: string + values: + description: + values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array required: - - fieldPath + - key + - operator type: object - mode: - description: 'Optional: - mode bits used to set - permissions on this file, - must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created. Must not - be absolute or contain - the ''..'' path. Must - be utf-8 encoded. The - first item of the relative - path must not start with - ''..''' + type: array + matchLabels: + additionalProperties: type: string - resourceFieldRef: - description: 'Selects a - resource of the container: - only resources limits - and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are - currently supported.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: secret information about - the secret data to project - properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced Secret - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the Secret, the volume setup - will error unless it is marked - optional. Paths must be relative - and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. - apiVersion, kind, uid?' + description: + matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is + the name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: string - optional: - description: optional field specify - whether the Secret or its key - must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is - information about the serviceAccountToken - data to project - properties: - audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself - with an identifier specified - in the audience of the token, - and otherwise should reject - the token. The audience defaults - to the identifier of the apiserver. + volumeMode: + description: + volumeMode defines + what type of volume is required + by the claim. Value of Filesystem + is implied when not included in + claim spec. type: string - expirationSeconds: - description: expirationSeconds - is the requested duration of - validity of the service account - token. As the token approaches - expiration, the kubelet volume - plugin will proactively rotate - the service account token. The - kubelet will start trying to - rotate the token if the token - is older than 80 percent of - its time to live or if the token - is older than 24 hours.Defaults - to 1 hour and must be at least - 10 minutes. - format: int64 - type: integer - path: - description: path is the path - relative to the mount point - of the file to project the token - into. + volumeName: + description: + volumeName is the binding + reference to the PersistentVolume + backing this claim. type: string - required: - - path type: object + required: + - spec type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount - on the host that shares a pod's lifetime - properties: - group: - description: group to map volume access - to Default is no group - type: string - readOnly: - description: readOnly here will force the - Quobyte volume to be mounted with read-only - permissions. Defaults to false. - type: boolean - registry: - description: registry represents a single - or multiple Quobyte Registry services - specified as a string as host:port pair - (multiple entries are separated with commas) - which acts as the central registry for - volumes - type: string - tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is - set by the plugin - type: string - user: - description: user to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - image: - description: 'image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of - Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: + type: object + fc: + description: + fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: + 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. TODO: how do + we prevent errors in the filesystem from + compromising the machine' type: string - type: array - pool: - description: 'pool is the rados pool name. - Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + lun: + description: + "lun is Optional: FC target + lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC + target worldwide names (WWNs)" + items: type: string - type: object - user: - description: 'user is the rados user name. - Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address - of the ScaleIO API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name - of the ScaleIO Protection Domain for the - configured storage. - type: string - readOnly: - description: readOnly Defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the - secret for ScaleIO user and other sensitive - information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + type: array + wwids: + description: + "wwids Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs and + lun must be set, but not both simultaneously." + items: type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable - SSL communication with Gateway, default - false - type: boolean - storageMode: - description: storageMode indicates whether - the storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO - Storage Pool associated with the protection - domain. - type: string - system: - description: system is the name of the storage - system as configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a - volume already created in the ScaleIO - system that is associated with this volume - source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that - should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode - bits used to set permissions on created - files by default. Must be an octal value - between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. - Directories within the path are not affected - by this setting. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. - items: - description: Maps a string key to a path - within a volume. + type: array + type: object + flexVolume: + description: + flexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver + to use for this volume. + type: string + fsType: + description: + fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: + "options is Optional: this + field holds extra command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts." properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume + attached to a kubelet's host machine. This + depends on the Flocker control service being + running + properties: + datasetName: + description: + datasetName is Name of the + dataset stored as metadata -> name on + the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: + datasetUUID is the UUID of + the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a + GCE Disk resource that is attached to a kubelet's + host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + partition: + description: + 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount + the EmptyDir into the Pod's container." + properties: + directory: + description: + directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash + for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs + mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint + name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing + file or directory on the host machine that + is directly exposed to the container. This + is generally used for system agents or other + privileged things that are allowed to see + the host machine. Most containers will NOT + need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who + can use host directory mounts and who can/can + not mount host directories as read/write." + properties: + path: + description: + "path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk + resource that is attached to a kubelet's + host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom + iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: + iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: + lun represents iSCSI Target + Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target + Portal List. The portal is either an IP + or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: + readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" type: string - required: - - key - - path type: object - type: array - optional: - description: optional field specify whether - the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of - the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API - credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + targetPortal: + description: + targetPortal is iSCSI Target + Portal. The Portal is either an IP or + ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: + "name of the volume. Must be a + DNS_LABEL and unique within the pod. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on + the host that shares a pod's lifetime More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + properties: + path: + description: + "path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + readOnly: + description: + "readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or + IP address of the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a + PersistentVolumeClaim in the same namespace + as the pod using this volume. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: string + readOnly: + description: + readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + pdID: + description: + pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: + portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: + fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: + volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: + projected items for all in one + resources secrets, configmaps, and downward + API + properties: + defaultMode: + description: + defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: + sources is the list of volume + projections + items: + description: + Projection that may be projected + along with other supported volume types + properties: + configMap: + description: + configMap information + about the configMap data to project + properties: + items: + description: + items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the ConfigMap, the volume + setup will error unless it is + marked optional. Paths must + be relative and may not contain + the '..' path or start with + '..'. + items: + description: + Maps a string key + to a path within a volume. + properties: + key: + description: + key is the + key to project. + type: string + mode: + description: + "mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set." + format: int32 + type: integer + path: + description: + path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + optional specify + whether the ConfigMap or its + keys must be defined + type: boolean + type: object + downwardAPI: + description: + downwardAPI information + about the downwardAPI data to project + properties: + items: + description: + Items is a list of + DownwardAPIVolume file + items: + description: + DownwardAPIVolumeFile + represents information to + create the file containing + the pod field + properties: + fieldRef: + description: + "Required: + Selects a field of the + pod: only annotations, + labels, name and namespace + are supported." + properties: + apiVersion: + description: + Version + of the schema the + FieldPath is written + in terms of, defaults + to "v1". + type: string + fieldPath: + description: + Path of + the field to select + in the specified API + version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: + mode bits used to set + permissions on this file, + must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set." + format: int32 + type: integer + path: + description: + "Required: + Path is the relative + path name of the file + to be created. Must not + be absolute or contain + the '..' path. Must + be utf-8 encoded. The + first item of the relative + path must not start with + '..'" + type: string + resourceFieldRef: + description: + "Selects a + resource of the container: + only resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported." + properties: + containerName: + description: + "Container + name: required for + volumes, optional + for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies + the output format + of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: + resource to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: + secret information about + the secret data to project + properties: + items: + description: + items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the Secret, the volume setup + will error unless it is marked + optional. Paths must be relative + and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key + to a path within a volume. + properties: + key: + description: + key is the + key to project. + type: string + mode: + description: + "mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set." + format: int32 + type: integer + path: + description: + path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?" + type: string + optional: + description: + optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: + audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified + in the audience of the token, + and otherwise should reject + the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds + is the requested duration of + validity of the service account + token. As the token approaches + expiration, the kubelet volume + plugin will proactively rotate + the service account token. The + kubelet will start trying to + rotate the token if the token + is older than 80 percent of + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour and must be at least + 10 minutes. + format: int64 + type: integer + path: + description: + path is the path + relative to the mount point + of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: + group to map volume access + to Default is no group + type: string + readOnly: + description: + readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: + registry represents a single + or multiple Quobyte Registry services + specified as a string as host:port pair + (multiple entries are separated with commas) + which acts as the central registry for + volumes + type: string + tenant: + description: + tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is + set by the plugin + type: string + user: + description: + user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: + volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device + mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + image: + description: + "image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key + ring for RBDUser. Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: type: string - type: object - volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume - names are only unique within a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the - scope of the volume within StorageOS. If - no namespace is specified then the Pod's - namespace will be used. This allows the - Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. - Set VolumeName to any name to override - the default behaviour. Set to "default" - if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: fsType is filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage - Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: volumePath is the path that - identifies vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array + type: array + pool: + description: + "pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + user: + description: + "user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: + fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address + of the ScaleIO API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: + readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the + secret for ScaleIO user and other sensitive + information. If this is not provided, + Login operation will fail. + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + sslEnabled: + description: + sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: + storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO + Storage Pool associated with the protection + domain. + type: string + system: + description: + system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a + volume already created in the ScaleIO + system that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set." + format: int32 + type: integer + items: + description: + items If unspecified, each + key-value pair in the Data field of the + referenced Secret will be projected into + the volume as a file whose name is the + key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the + volume setup will error unless it is marked + optional. Paths must be relative and may + not contain the '..' path or start with + '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set." + format: int32 + type: integer + path: + description: + path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of + the secret in the pod's namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: + fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret + to use for obtaining the StorageOS API + credentials. If not specified, default + values will be attempted. + properties: + name: + description: + "Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + type: object + volumeName: + description: + volumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. + Set VolumeName to any name to override + the default behaviour. Set to "default" + if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: + fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage + Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage + Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: + volumePath is the path that + identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + ttlSecondsAfterFinished: + description: + ttlSecondsAfterFinished limits the lifetime of + a Job that has finished execution (either Complete or Failed). + If this field is set, ttlSecondsAfterFinished after the + Job finishes, it is eligible to be automatically deleted. + When the Job is being deleted, its lifecycle guarantees + (e.g. finalizers) will be honored. If this field is unset, + the Job won't be automatically deleted. If this field is + set to zero, the Job becomes eligible to be deleted immediately + after it finishes. + format: int32 + type: integer + required: + - template + type: object + status: + description: "Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + properties: + active: + description: The number of pending and running pods. + format: int32 + type: integer + completedIndexes: + description: + CompletedIndexes holds the completed indexes + when .spec.completionMode = "Indexed" in a text format. + The indexes are represented as decimal integers separated + by commas. The numbers are listed in increasing order. Three + or more consecutive numbers are compressed and represented + by the first and last element of the series, separated by + a hyphen. For example, if the completed indexes are 1, 3, + 4, 5 and 7, they are represented as "1,3-5,7". + type: string + completionTime: + description: + Represents time when the job was completed. It + is not guaranteed to be set in happens-before order across + separate operations. It is represented in RFC3339 form and + is in UTC. The completion time is only set when the job + finishes successfully. + format: date-time + type: string + conditions: + description: + 'The latest available observations of an object''s + current state. When a Job fails, one of the conditions will + have type "Failed" and status true. When a Job is suspended, + one of the conditions will have type "Suspended" and status + true; when the Job is resumed, the status of this condition + will become false. When a Job is completed, one of the conditions + will have type "Complete" and status true. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + items: + description: JobCondition describes current state of a job. + properties: + lastProbeTime: + description: Last time the condition was checked. + format: date-time + type: string + lastTransitionTime: + description: + Last time the condition transit from one + status to another. + format: date-time + type: string + message: + description: + Human readable message indicating details + about last transition. + type: string + reason: + description: + (brief) reason for the condition's last + transition. + type: string + status: + description: + Status of the condition, one of True, False, + Unknown. + type: string + type: + description: Type of job condition, Complete or Failed. + type: string required: - - containers + - status + - type type: object - type: object - ttlSecondsAfterFinished: - description: ttlSecondsAfterFinished limits the lifetime of - a Job that has finished execution (either Complete or Failed). - If this field is set, ttlSecondsAfterFinished after the - Job finishes, it is eligible to be automatically deleted. - When the Job is being deleted, its lifecycle guarantees - (e.g. finalizers) will be honored. If this field is unset, - the Job won't be automatically deleted. If this field is - set to zero, the Job becomes eligible to be deleted immediately - after it finishes. - format: int32 - type: integer - required: - - template - type: object - status: - description: 'Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - active: - description: The number of pending and running pods. - format: int32 - type: integer - completedIndexes: - description: CompletedIndexes holds the completed indexes - when .spec.completionMode = "Indexed" in a text format. - The indexes are represented as decimal integers separated - by commas. The numbers are listed in increasing order. Three - or more consecutive numbers are compressed and represented - by the first and last element of the series, separated by - a hyphen. For example, if the completed indexes are 1, 3, - 4, 5 and 7, they are represented as "1,3-5,7". - type: string - completionTime: - description: Represents time when the job was completed. It - is not guaranteed to be set in happens-before order across - separate operations. It is represented in RFC3339 form and - is in UTC. The completion time is only set when the job - finishes successfully. - format: date-time - type: string - conditions: - description: 'The latest available observations of an object''s - current state. When a Job fails, one of the conditions will - have type "Failed" and status true. When a Job is suspended, - one of the conditions will have type "Suspended" and status - true; when the Job is resumed, the status of this condition - will become false. When a Job is completed, one of the conditions - will have type "Complete" and status true. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' - items: - description: JobCondition describes current state of a job. + type: array + x-kubernetes-list-type: atomic + failed: + description: The number of pods which reached phase Failed. + format: int32 + type: integer + ready: + description: + "The number of pods which have a Ready condition. + \n This field is beta-level. The job controller populates + the field when the feature gate JobReadyPods is enabled + (enabled by default)." + format: int32 + type: integer + startTime: + description: + Represents time when the job controller started + processing a job. When a Job is created in the suspended + state, this field is not set until the first time it is + resumed. This field is reset every time a Job is resumed + from suspension. It is represented in RFC3339 form and is + in UTC. + format: date-time + type: string + succeeded: + description: The number of pods which reached phase Succeeded. + format: int32 + type: integer + uncountedTerminatedPods: + description: + "UncountedTerminatedPods holds the UIDs of Pods + that have terminated but the job controller hasn't yet accounted + for in the status counters. \n The job controller creates + pods with a finalizer. When a pod terminates (succeeded + or failed), the controller does three steps to account for + it in the job status: (1) Add the pod UID to the arrays + in this field. (2) Remove the pod finalizer. (3) Remove + the pod UID from the arrays while increasing the corresponding + \ counter. \n This field is beta-level. The job controller + only makes use of this field when the feature gate JobTrackingWithFinalizers + is enabled (enabled by default). Old jobs might not be tracked + using this field, in which case the field remains null." properties: - lastProbeTime: - description: Last time the condition was checked. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transit from one - status to another. - format: date-time - type: string - message: - description: Human readable message indicating details - about last transition. - type: string - reason: - description: (brief) reason for the condition's last - transition. - type: string - status: - description: Status of the condition, one of True, False, - Unknown. - type: string - type: - description: Type of job condition, Complete or Failed. - type: string - required: - - status - - type + failed: + description: Failed holds UIDs of failed Pods. + items: + description: + UID is a type that holds unique ID values, + including UUIDs. Because we don't ONLY use UUIDs, + this is an alias to string. Being a type captures + intent and helps make sure that UIDs and names do + not get conflated. + type: string + type: array + x-kubernetes-list-type: set + succeeded: + description: Succeeded holds UIDs of succeeded Pods. + items: + description: + UID is a type that holds unique ID values, + including UUIDs. Because we don't ONLY use UUIDs, + this is an alias to string. Being a type captures + intent and helps make sure that UIDs and names do + not get conflated. + type: string + type: array + x-kubernetes-list-type: set type: object - type: array - x-kubernetes-list-type: atomic - failed: - description: The number of pods which reached phase Failed. - format: int32 - type: integer - ready: - description: "The number of pods which have a Ready condition. - \n This field is beta-level. The job controller populates - the field when the feature gate JobReadyPods is enabled - (enabled by default)." - format: int32 - type: integer - startTime: - description: Represents time when the job controller started - processing a job. When a Job is created in the suspended - state, this field is not set until the first time it is - resumed. This field is reset every time a Job is resumed - from suspension. It is represented in RFC3339 form and is - in UTC. - format: date-time - type: string - succeeded: - description: The number of pods which reached phase Succeeded. - format: int32 - type: integer - uncountedTerminatedPods: - description: "UncountedTerminatedPods holds the UIDs of Pods - that have terminated but the job controller hasn't yet accounted - for in the status counters. \n The job controller creates - pods with a finalizer. When a pod terminates (succeeded - or failed), the controller does three steps to account for - it in the job status: (1) Add the pod UID to the arrays - in this field. (2) Remove the pod finalizer. (3) Remove - the pod UID from the arrays while increasing the corresponding - \ counter. \n This field is beta-level. The job controller - only makes use of this field when the feature gate JobTrackingWithFinalizers - is enabled (enabled by default). Old jobs might not be tracked - using this field, in which case the field remains null." - properties: - failed: - description: Failed holds UIDs of failed Pods. - items: - description: UID is a type that holds unique ID values, - including UUIDs. Because we don't ONLY use UUIDs, - this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do - not get conflated. - type: string - type: array - x-kubernetes-list-type: set - succeeded: - description: Succeeded holds UIDs of succeeded Pods. - items: - description: UID is a type that holds unique ID values, - including UUIDs. Because we don't ONLY use UUIDs, - this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do - not get conflated. - type: string - type: array - x-kubernetes-list-type: set - type: object - type: object - type: object - type: object - status: - description: ScanTypeStatus defines the observed state of ScanType - type: object - type: object - served: true - storage: true - subresources: {} + type: object + type: object + type: object + status: + description: ScanTypeStatus defines the observed state of ScanType + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" diff --git a/operator/crds/execution.securecodebox.io_scheduledscans.yaml b/operator/crds/execution.securecodebox.io_scheduledscans.yaml index 531f4fc623..88b1edf582 100644 --- a/operator/crds/execution.securecodebox.io_scheduledscans.yaml +++ b/operator/crds/execution.securecodebox.io_scheduledscans.yaml @@ -19,4218 +19,4789 @@ spec: singular: scheduledscan scope: Namespaced versions: - - additionalPrinterColumns: - - description: K8s Resource UID - jsonPath: .metadata.uid - name: UID - priority: 1 - type: string - - description: Scan Type - jsonPath: .spec.scanSpec.scanType - name: Type - type: string - - description: Interval - jsonPath: .spec.interval - name: Interval - type: string - - description: Total Finding Count - jsonPath: .status.findings.count - name: Findings - type: string - - description: Arguments passed to the Scanner - jsonPath: .spec.scanSpec.parameters - name: Parameters - priority: 1 - type: string - name: v1 - schema: - openAPIV3Schema: - description: ScheduledScan is the Schema for the scheduledscans API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ScheduledScanSpec defines the desired state of ScheduledScan - properties: - failedJobsHistoryLimit: - description: FailedJobsHistoryLimit determines how many failed past - Scans will be kept until the oldest one will be deleted, defaults - to 3. When set to 0, Scans will be deleted directly after failure - format: int32 - minimum: 0 - type: integer - interval: - description: 'Interval describes how often the scan should be repeated - Examples: ''12h'', ''30m''' - type: string - retriggerOnScanTypeChange: - default: false - description: RetriggerOnScanTypeChange will automatically trigger - a new scan for the scheduledScan if the referenced ScanType was - updated - type: boolean - scanSpec: - description: ScanSpec describes the scan which should be started regularly - properties: - affinity: - description: 'Affinity allows to specify a node affinity, to control - on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/' - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + - additionalPrinterColumns: + - description: K8s Resource UID + jsonPath: .metadata.uid + name: UID + priority: 1 + type: string + - description: Scan Type + jsonPath: .spec.scanSpec.scanType + name: Type + type: string + - description: Interval + jsonPath: .spec.interval + name: Interval + type: string + - description: Total Finding Count + jsonPath: .status.findings.count + name: Findings + type: string + - description: Arguments passed to the Scanner + jsonPath: .spec.scanSpec.parameters + name: Parameters + priority: 1 + type: string + name: v1 + schema: + openAPIV3Schema: + description: ScheduledScan is the Schema for the scheduledscans API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ScheduledScanSpec defines the desired state of ScheduledScan + properties: + failedJobsHistoryLimit: + description: + FailedJobsHistoryLimit determines how many failed past + Scans will be kept until the oldest one will be deleted, defaults + to 3. When set to 0, Scans will be deleted directly after failure + format: int32 + minimum: 0 + type: integer + interval: + description: + "Interval describes how often the scan should be repeated + Examples: '12h', '30m'" + type: string + retriggerOnScanTypeChange: + default: false + description: + RetriggerOnScanTypeChange will automatically trigger + a new scan for the scheduledScan if the referenced ScanType was + updated + type: boolean + scanSpec: + description: ScanSpec describes the scan which should be started regularly + properties: + affinity: + description: + "Affinity allows to specify a node affinity, to control + on which nodes you want a scan to run. See: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" + properties: + nodeAffinity: + description: + Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: + An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: + A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. + type: array + type: object + weight: + description: + Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: + Required. A list of node selector terms. + The terms are ORed. + items: + description: + A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: + A list of node selector requirements + by node's labels. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: + A list of node selector requirements + by node's fields. + items: + description: + A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + The label key that the selector + applies to. + type: string + operator: + description: + Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: + An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer + type: array + type: object + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to a pod label update), - the system may or may not try to eventually evict the - pod from its node. When there are multiple elements, - the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + type: object + podAffinity: + description: + Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node that - violates one or more of the expressions. The node that - is most preferred is the one with the greatest sum of - weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: type: string - required: + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, the pod - will not be scheduled onto the node. If the anti-affinity - requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod - label update), the system may or may not try to eventually - evict the pod from its node. When there are multiple - elements, the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + type: object + type: array + type: object + podAntiAffinity: + description: + Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: + The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: + The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: + Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - type: string + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: + required: + - topologyKey + type: object + weight: + description: + weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: + If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: + Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: + A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: + A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: + matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: + A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: + key is the label key that + the selector applies to. + type: string + operator: + description: + operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: + values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: + namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: + This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + required: + - topologyKey + type: object + type: array + type: object + type: object + cascades: + description: + CascadeSpec describes how and when cascading scans + should be generated. + properties: + inheritAffinity: + default: true + description: + InheritAffinity defines whether cascading scans + should inherit affinity from the parent scan. + type: boolean + inheritAnnotations: + default: true + description: + InheritAnnotations defines whether cascading + scans should inherit annotations from the parent scan + type: boolean + inheritEnv: + default: false + description: + InheritEnv defines whether cascading scans should + inherit environment variables from the parent scan + type: boolean + inheritHookSelector: + default: false + description: + InheritHookSelector defines whether cascading + scans should inherit hookSelector from the parent scan. + type: boolean + inheritInitContainers: + default: false + description: + InheritInitContainers defines whether cascading + scans should inherit initContainers from the parent scan. + Usually only useful when combined with inheritVolumes. + type: boolean + inheritLabels: + default: true + description: + InheritLabels defines whether cascading scans + should inherit labels from the parent scan + type: boolean + inheritTolerations: + default: true + description: + InheritTolerations defines whether cascading + scans should inherit tolerations from the parent scan. + type: boolean + inheritVolumes: + default: false + description: + InheritVolumes defines whether cascading scans + should inherit volumes and volume mounts from the parent + scan + type: boolean + matchExpressions: + description: + matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: + values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - cascades: - description: CascadeSpec describes how and when cascading scans - should be generated. - properties: - inheritAffinity: - default: true - description: InheritAffinity defines whether cascading scans - should inherit affinity from the parent scan. - type: boolean - inheritAnnotations: - default: true - description: InheritAnnotations defines whether cascading - scans should inherit annotations from the parent scan - type: boolean - inheritEnv: - default: false - description: InheritEnv defines whether cascading scans should - inherit environment variables from the parent scan - type: boolean - inheritHookSelector: - default: false - description: InheritHookSelector defines whether cascading - scans should inherit hookSelector from the parent scan. - type: boolean - inheritInitContainers: - default: false - description: InheritInitContainers defines whether cascading - scans should inherit initContainers from the parent scan. - Usually only useful when combined with inheritVolumes. - type: boolean - inheritLabels: - default: true - description: InheritLabels defines whether cascading scans - should inherit labels from the parent scan - type: boolean - inheritTolerations: - default: true - description: InheritTolerations defines whether cascading - scans should inherit tolerations from the parent scan. - type: boolean - inheritVolumes: - default: false - description: InheritVolumes defines whether cascading scans - should inherit volumes and volume mounts from the parent - scan - type: boolean - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + scopeLimiter: + description: + InheritLabels defines whether cascading scans + should inherit labels from the parent scan properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + allOf: + description: + AllOf is a list of label selector requirements. + The requirements are ANDed. items: - type: string + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + anyOf: + description: + AnyOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + noneOf: + description: + NoneOf is a list of label selector requirements. + The requirements are ANDed. + items: + description: + ScopeLimiterRequirement is a selector that + contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. + type: string + values: + description: values is an array of string values. + items: + type: string + type: array + required: + - key + - operator + - values + type: object type: array - required: - - key - - operator + validOnMissingRender: + default: false + description: + ValidOnMissingRender defines whether if a + templating variable is not present, that condition should + match + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - scopeLimiter: - description: InheritLabels defines whether cascading scans - should inherit labels from the parent scan + type: object + env: + description: + Env allows to specify environment vars for the scanner + container. These will be merged will the env vars specified + for the first container of the pod defined in the ScanType + items: + description: + EnvVar represents an environment variable present + in a Container. properties: - allOf: - description: AllOf is a list of label selector requirements. - The requirements are ANDed. - items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. - type: string - values: - description: values is an array of string values. - items: + name: + description: + Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: + 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: + Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. type: string - type: array - required: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: + "Container name: required for volumes, + optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret in the pod's + namespace + properties: + key: + description: + The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hookSelector: + description: + HookSelector allows to specify a LabelSelector with + which the hooks are selected. + properties: + matchExpressions: + description: + matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: + A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key that the selector + applies to. + type: string + operator: + description: + operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: + values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: - key - operator - - values - type: object + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + initContainers: + description: + InitContainers allows to specify init containers + for the scan container, to pre-load data into them. + items: + description: + A single application container that you want to + run within a pod. + properties: + args: + description: + 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: + 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string type: array - anyOf: - description: AnyOf is a list of label selector requirements. - The requirements are ANDed. + env: + description: + List of environment variables to set in the + container. Cannot be updated. items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. + description: + EnvVar represents an environment variable + present in a Container. properties: - key: - description: key is the label key that the selector - applies to. + name: + description: + Name of the environment variable. Must + be a C_IDENTIFIER. type: string - operator: - description: operator represents a key's relationship - to a set of values. + value: + description: + 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' type: string - values: - description: values is an array of string values. - items: - type: string - type: array + valueFrom: + description: + Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: + "Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['']`, + `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs." + properties: + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported." + properties: + containerName: + description: + "Container name: required for + volumes, optional for env vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource + type: object + secretKeyRef: + description: + Selects a key of a secret in the + pod's namespace + properties: + key: + description: + The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object required: - - key - - operator - - values + - name type: object type: array - noneOf: - description: NoneOf is a list of label selector requirements. - The requirements are ANDed. + envFrom: + description: + List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. items: - description: ScopeLimiterRequirement is a selector that - contains values, a key, and an operator that relates - the key and values. + description: + EnvFromSource represents the source of a + set of ConfigMaps properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: + An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. type: string - values: - description: values is an array of string values. - items: - type: string - type: array - required: - - key - - operator - - values + secretRef: + description: The Secret to select from + properties: + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + optional: + description: + Specify whether the Secret must be + defined + type: boolean + type: object type: object type: array - validOnMissingRender: - default: false - description: ValidOnMissingRender defines whether if a - templating variable is not present, that condition should - match - type: boolean - type: object - type: object - env: - description: Env allows to specify environment vars for the scanner - container. These will be merged will the env vars specified - for the first container of the pod defined in the ScanType - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. If - a variable cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - hookSelector: - description: HookSelector allows to specify a LabelSelector with - which the hooks are selected. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. - type: object - type: object - initContainers: - description: InitContainers allows to specify init containers - for the scan container, to pre-load data into them. - items: - description: A single application container that you want to - run within a pod. - properties: - args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot - be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + image: + description: + "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets." type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not - provided. Variable references $(VAR_NAME) are expanded - using the container''s environment. If a variable cannot - be resolved, the reference in the input string will be - unchanged. Double $$ are reduced to a single $, which - allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: + "Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: string - type: array - env: - description: List of environment variables to set in the - container. Cannot be updated. - items: - description: EnvVar represents an environment variable - present in a Container. + lifecycle: + description: + Actions that the management system should take + in response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + postStart: + description: + "PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: + HTTPGet specifies the http request + to perform. properties: - key: - description: The key to select. + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: + "PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod's termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod's termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + httpGet: + description: + HTTPGet specifies the http request + to perform. properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' + host: + description: + Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - divisor: + port: anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' + scheme: + description: + Scheme to use for connecting to + the host. Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + tcpSocket: + description: + Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + host: + description: + "Optional: Host name to connect + to, defaults to the pod IP." type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must - be a C_IDENTIFIER. All invalid keys will be reported as - an event when the container is starting. When a key exists - in multiple sources, the value associated with the last - source will take precedence. Values defined by an Env - with a duplicate key will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a - set of ConfigMaps + livenessProbe: + description: + "Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to prepend to - each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according to - its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + required: - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a - container is terminated due to an API request or management - event such as liveness/startup probe failure, preemption, - resource contention, etc. The handler is not called - if the container crashes or exits. The Pod''s termination - grace period countdown begins before the PreStop hook - is executed. Regardless of the outcome of the handler, - the container will eventually terminate within the - Pod''s termination grace period (unless delayed by - finalizers). Other management of the container blocks - until the hook completes or until the termination - grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: - name - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. - type: string - required: + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + name: + description: + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: + List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but is + primarily informational. Not specifying a port here DOES + NOT prevent that port from being exposed. Any port which + is listening on the default "0.0.0.0" address inside a + container will be accessible from the network. Cannot + be updated. + items: + description: + ContainerPort represents a network port in + a single container. properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. + containerPort: + description: + Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. format: int32 type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + hostIP: + description: + What host IP to bind the external port + to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + hostPort: + description: + Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: + If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' + protocol: + default: TCP + description: + Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. - Exposing a port here gives the system additional information - about the network connections a container uses, but is - primarily informational. Not specifying a port here DOES - NOT prevent that port from being exposed. Any port which - is listening on the default "0.0.0.0" address inside a - container will be accessible from the network. Cannot - be updated. - items: - description: ContainerPort represents a network port in - a single container. + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: + "Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: - containerPort: - description: Number of port to expose on the pod's - IP address. This must be a valid port number, 0 - < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port - to. - type: string - hostPort: - description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, this - must match ContainerPort. Most containers do not - need this. + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a - pod must have a unique name. Name for the port that - can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the - probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + resources: + description: + "Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + properties: + limits: + additionalProperties: anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: + description: + "Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - securityContext: - description: 'SecurityContext defines the security options - the container should be run with. If set, the fields of - SecurityContext override the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent - process. This bool directly controls if the no_new_privs - flag will be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be - set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. Note that this field - cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + description: + "Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + securityContext: + description: + "SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + properties: + allowPrivilegeEscalation: + description: + "AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows." + type: boolean + capabilities: + description: + The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: + Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: + Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: + procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: + Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: + The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: + Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: + The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: + The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: + Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: + Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. Note that - this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount - to use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that this - field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set - when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as - a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not run - as UID 0 (root) and fail to start the container if - it does. If unset or false, no such validation will - be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the - container. If unspecified, the container runtime will - allocate a random SELinux context for each container. May - also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is - windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & - container level, the container options override the - pod options. Note that this field cannot be set when - spec.os.name is windows. + type: + description: + Type is a SELinux type label that applies + to the container. + type: string + user: + description: + User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: + The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: + localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must only be set if type is "Localhost". + type: string + type: + description: + "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: + The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: + GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: + GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: + HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the + Pod. All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: + The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: + "StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod's lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: + Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: + Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: + GRPC specifies an action involving a GRPC + port. This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: + Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: + "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: + Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: + Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: + HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: + Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: + Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: + "Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + periodSeconds: + description: + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: + Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: + TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: + "Optional: Host name to connect to, + defaults to the pod IP." + type: string + port: + anyOf: + - type: integer + - type: string + description: + Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: + Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: + "Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: int32 + type: integer + type: object + stdin: + description: + Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: + Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: + "Optional: Path at which the file to which + the container's termination message will be written is + mounted into the container's filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated." + type: string + terminationMessagePolicy: + description: + Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: + Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: + volumeDevices is the list of block devices + to be used by the container. + items: + description: + volumeDevice describes a mapping of a raw + block device within a container. properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative to - the kubelet's configured seccomp profile location. - Must only be set if type is "Localhost". + devicePath: + description: + devicePath is the path inside of the + container that the device will be mapped to. type: string - type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: \n - Localhost - a profile defined in a file on the - node should be used. RuntimeDefault - the container - runtime default profile should be used. Unconfined - - no profile should be applied." + name: + description: + name must match the name of a persistentVolumeClaim + in the pod type: string required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied to - all containers. If unspecified, the options from the - PodSecurityContext will be used. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set - when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec - named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. This - field is alpha-level and will only be honored - by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature - flag will result in errors when validating the - Pod. All of a Pod's containers must have the same - effective HostProcess value (it is not allowed - to have a mix of HostProcess containers and non-HostProcess - containers). In addition, if HostProcess is true - then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. Defaults - to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed - until this completes successfully. If this probe fails, - the Pod will be restarted, just as if the livenessProbe - failed. This can be used to provide different probe parameters - at the beginning of a Pod''s lifecycle, when it might - take a long time to load data or warm a cache, than during - steady-state operation. This cannot be updated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array + - devicePath + - name type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC - port. This is a beta field and requires enabling GRPCContainerProbe - feature gate. + type: array + volumeMounts: + description: + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: + VolumeMount describes a mounting of a Volume + within a container. properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + mountPath: + description: + Path within the container at which the + volume should be mounted. Must not contain ':'. type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + mountPropagation: + description: + mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + name: + description: This must match the Name of a Volume. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + readOnly: + description: + Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' + subPathExpr: + description: + Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - mountPath + - name type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, - reads from stdin in the container will always result in - EOF. Default is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce is - set to true, stdin is opened on container start, is empty - until the first client attaches to stdin, and then remains - open and accepts data until the client disconnects, at - which time stdin is closed and remains closed until the - container is restarted. If this flag is false, a container - processes that reads from stdin will never receive an - EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which - the container''s termination message will be written is - mounted into the container''s filesystem. Message written - is intended to be brief final status, such as an assertion - failure message. Will be truncated by the node if greater - than 4096 bytes. The total message length across all containers - will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last chunk - of container log output if the termination message file - is empty and the container exited with an error. The log - output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY - for itself, also requires 'stdin' to be true. Default - is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices - to be used by the container. - items: - description: volumeDevice describes a mapping of a raw - block device within a container. + type: array + workingDir: + description: + Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + parameters: + description: All CLI parameters to configure the scan container. + items: + type: string + type: array + scanType: + description: The name of the scanType which should be started. + type: string + tolerations: + description: + Tolerations are a different way to control on which + nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: + The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: + Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: + Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: + Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: + TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: + Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + volumeMounts: + description: + VolumeMounts allows to specify volume mounts for + the scan container. + items: + description: + VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: + Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: + mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: + Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: + Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: + Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows to specify volumes for the scan container. + items: + description: + Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: + "awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet's host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: - devicePath: - description: devicePath is the path inside of the - container that the device will be mapped to. + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod + partition: + description: + 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer + readOnly: + description: + "readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + type: boolean + volumeID: + description: + "volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: string required: - - devicePath - - name + - volumeID type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. + azureDisk: + description: + azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. properties: - mountPath: - description: Path within the container at which the - volume should be mounted. Must not contain ':'. + cachingMode: + description: + "cachingMode is the Host Caching mode: + None, Read Only, Read Write." type: string - mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and the - other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + diskName: + description: + diskName is the Name of the data disk in + the blob storage type: string - name: - description: This must match the Name of a Volume. + diskURI: + description: + diskURI is the URI of data disk in the + blob storage + type: string + fsType: + description: + fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. type: string + kind: + description: + "kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared" + type: string + readOnly: + description: + readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: + azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to false. + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. type: boolean - subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults to - "" (volume's root). + secretName: + description: + secretName is the name of secret that + contains Azure Storage Account Name and Key type: string - subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + shareName: + description: shareName is the azure share Name type: string required: - - mountPath - - name + - secretName + - shareName type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - parameters: - description: All CLI parameters to configure the scan container. - items: - type: string - type: array - scanType: - description: The name of the scanType which should be started. - type: string - tolerations: - description: Tolerations are a different way to control on which - nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - volumeMounts: - description: VolumeMounts allows to specify volume mounts for - the scan container. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows to specify volumes for the scan container. - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default is - to mount by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the volume - partition for /dev/sda is "0" (or you can leave the - property empty).' - format: int32 - type: integer - readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. - properties: - cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' - type: string - diskName: - description: diskName is the Name of the data disk in - the blob storage - type: string - diskURI: - description: diskURI is the URI of data disk in the - blob storage - type: string - fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' - type: string - readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. - properties: - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key - type: string - shareName: - description: shareName is the azure share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: cephFS represents a Ceph FS mount on the host - that shares a pod's lifetime - properties: - monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is - empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - user: - description: 'user is optional: User is the rados user - name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + cephfs: + description: + cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: + "monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + items: type: string - type: object - volumeID: - description: 'volumeID used to identify the volume in - cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: configMap represents a configMap that should - populate this volume - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value pair - in the Data field of the referenced ConfigMap will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If a - key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within a - volume. + type: array + path: + description: + "path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is /" + type: string + readOnly: + description: + "readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: boolean + secretFile: + description: + "secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + secretRef: + description: + "secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. If not specified, the volume - defaultMode will be used. This might be in conflict - with other options that affect the file mode, - like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + type: object + user: + description: + "user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + type: string + required: + - monitors + type: object + cinder: + description: + "cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: + "readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + type: boolean + secretRef: + description: + "secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - required: - - key - - path type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). - properties: - driver: - description: driver is the name of the CSI driver that - handles this volume. Consult with your admin for the - correct name as registered in the cluster. - type: string - fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. - type: string - nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all secret - references are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: + volumeID: + description: + "volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: downwardAPI represents downward API about the - pod that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume - file + required: + - volumeID + type: object + configMap: + description: + configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: + "defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field + description: + items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?" + type: string + optional: + description: + optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: + csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: + driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: + nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all secret + references are passed. properties: - fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must not - be absolute or contain the ''..'' path. Must - be utf-8 encoded. The first item of the relative - path must not start with ''..''' + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path type: object - type: array - type: object - emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The maximum - usage on memory medium EmptyDir would be the minimum - value between the SizeLimit specified here and the - sum of memory limits of all containers in a pod. The - default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is - tied to the pod that defines it - it will be created before - the pod starts, and deleted when the pod is removed. \n - Use this if: a) the volume is only needed while the pod - runs, b) features of normal volumes like restoring from - snapshot or capacity tracking are needed, c) the storage - driver is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning through - \ a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that persist - for longer than the lifecycle of an individual pod. \n - Use CSI for light-weight local ephemeral volumes if the - CSI driver is meant to be used that way - see the documentation - of the driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes at the - same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC - to provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the - PVC will be deleted together with the pod. The name - of the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the pod if - the concatenated name is not valid for a PVC (for - example, too long). \n An existing PVC with that name - that is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by mistake. - Starting the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is meant - to be used by the pod, the PVC has to updated with - an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may - be useful when manually reconstructing a broken cluster. - \n This field is read-only and no changes will be - made by Kubernetes to the PVC after it has been created. - \n Required, must not be nil." - properties: - metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be rejected - during validation. - type: object - spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the - PVC that gets created from this template. The - same fields as in a PersistentVolumeClaim are - also valid here. + readOnly: + description: + readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: + volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: + downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: + "Optional: mode bits to use on created + files by default. Must be a Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + items: + description: + Items is a list of downward API volume + file + items: + description: + DownwardAPIVolumeFile represents information + to create the file containing the pod field properties: - accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'dataSource field can be used to - specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. If the AnyVolumeDataSource - feature gate is enabled, this field will always - have the same contents as the DataSourceRef - field.' + fieldRef: + description: + "Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported." properties: - apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other - third-party types, APIGroup is required. + apiVersion: + description: + Version of the schema the FieldPath + is written in terms of, defaults to "v1". type: string - kind: - description: Kind is the type of resource - being referenced - type: string - name: - description: Name is the name of resource - being referenced + fieldPath: + description: + Path of the field to select in + the specified API version. type: string required: - - kind - - name + - fieldPath type: object - dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, - if a non-empty volume is desired. This may - be any local object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of the - specified object matches some installed volume - populator or dynamic provisioner. This field - will replace the functionality of the DataSource - field and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, both fields (DataSource and - DataSourceRef) will be set to the same value - automatically if one of them is empty and - the other is non-empty. There are two important - differences between DataSource and DataSourceRef: - * While DataSource only allows two specific - types of objects, DataSourceRef allows any - non-core object, as well as PersistentVolumeClaim - objects. * While DataSource ignores disallowed - values (dropping them), DataSourceRef preserves - all values, and generates an error if a disallowed - value is specified. (Beta) Using this field - requires the AnyVolumeDataSource feature gate - to be enabled.' + mode: + description: + "Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + path: + description: + "Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the '..' path. Must + be utf-8 encoded. The first item of the relative + path must not start with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported." properties: - apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other - third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource - being referenced - type: string - name: - description: Name is the name of resource - being referenced + containerName: + description: + "Container name: required for + volumes, optional for env vars" type: string - required: - - kind - - name - type: object - resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than - previous value but must still be higher than - capacity recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: + divisor: + anyOf: - type: integer - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - selector: - description: selector is a label query over - volumes to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object + description: + Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: string + required: + - resource type: object - storageClassName: - description: 'storageClassName is the name of - the StorageClass required by the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of - volume is required by the claim. Value of - Filesystem is implied when not included in - claim spec. - type: string - volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. - type: string + required: + - path type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. - properties: - fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. TODO: how do we prevent - errors in the filesystem from compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' - items: + type: array + type: object + emptyDir: + description: + "emptyDir represents a temporary directory + that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + properties: + medium: + description: + 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string - type: array - wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs - and lun must be set, but not both simultaneously.' - items: + sizeLimit: + anyOf: + - type: integer + - type: string + description: + "sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The maximum + usage on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and the + sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: + "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is + tied to the pod that defines it - it will be created before + the pod starts, and deleted when the pod is removed. \n + Use this if: a) the volume is only needed while the pod + runs, b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the storage + driver is specified through a storage class, and d) the + storage driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this + volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n + Use CSI for light-weight local ephemeral volumes if the + CSI driver is meant to be used that way - see the documentation + of the driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes at the + same time." + properties: + volumeClaimTemplate: + description: + "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the + PVC will be deleted together with the pod. The name + of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if + the concatenated name is not valid for a PVC (for + example, too long). \n An existing PVC with that name + that is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated + PVC is removed. If such a pre-created PVC is meant + to be used by the pod, the PVC has to updated with + an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may + be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be + made by Kubernetes to the PVC after it has been created. + \n Required, must not be nil." + properties: + metadata: + description: + May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be rejected + during validation. + type: object + spec: + description: + The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The + same fields as in a PersistentVolumeClaim are + also valid here. + properties: + accessModes: + description: + "accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: string + type: array + dataSource: + description: + "dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. If the AnyVolumeDataSource + feature gate is enabled, this field will always + have the same contents as the DataSourceRef + field." + properties: + apiGroup: + description: + APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: + Kind is the type of resource + being referenced + type: string + name: + description: + Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: + "dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may + be any local object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume + binding will only succeed if the type of the + specified object matches some installed volume + populator or dynamic provisioner. This field + will replace the functionality of the DataSource + field and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource and + DataSourceRef) will be set to the same value + automatically if one of them is empty and + the other is non-empty. There are two important + differences between DataSource and DataSourceRef: + * While DataSource only allows two specific + types of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. (Beta) Using this field + requires the AnyVolumeDataSource feature gate + to be enabled." + properties: + apiGroup: + description: + APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: + Kind is the type of resource + being referenced + type: string + name: + description: + Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + resources: + description: + "resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than + previous value but must still be higher than + capacity recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: + "Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: object + type: object + selector: + description: + selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: + matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: + A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: + key is the label key + that the selector applies to. + type: string + operator: + description: + operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: + values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: + matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: + "storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: string + volumeMode: + description: + volumeMode defines what type of + volume is required by the claim. Value of + Filesystem is implied when not included in + claim spec. + type: string + volumeName: + description: + volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: + fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: + 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. - properties: - driver: - description: driver is the name of the driver to use - for this volume. - type: string - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". The default filesystem - depends on FlexVolume script. - type: string - options: - additionalProperties: + lun: + description: "lun is Optional: FC target lun number" + format: int32 + type: integer + readOnly: + description: + "readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts." + type: boolean + targetWWNs: + description: + "targetWWNs is Optional: FC target worldwide + names (WWNs)" + items: + type: string + type: array + wwids: + description: + "wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously." + items: + type: string + type: array + type: object + flexVolume: + description: + flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: + driver is the name of the driver to use + for this volume. type: string - description: 'options is Optional: this field holds - extra command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if - no secret object is specified. If the secret object - contains more than one secret, all secrets are passed - to the plugin scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: type: string - type: object - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running - properties: - datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default is - to mount by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the volume - partition for /dev/sda is "0" (or you can leave the - property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an - InitContainer that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' - properties: - directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is supplied, - the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. Defaults - to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing file or - directory on the host machine that is directly exposed - to the container. This is generally used for system agents - or other privileged things that are allowed to see the - host machine. Most containers will NOT need this. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' - properties: - path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults to "" - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk resource that - is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface Name that - uses an iSCSI transport. Defaults to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports 860 - and 3260). - items: + description: + "options is Optional: this field holds + extra command options if any." + type: object + readOnly: + description: + "readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts." + type: boolean + secretRef: + description: + "secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts." + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + required: + - driver + type: object + flocker: + description: + flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: + datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated type: string - type: array - readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + datasetUUID: + description: + datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: + "gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet's host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + properties: + fsType: + description: + 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: + 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: + "pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + type: boolean + required: + - pdName + type: object + gitRepo: + description: + "gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an + InitContainer that clones the repo using git, then mount + the EmptyDir into the Pod's container." + properties: + directory: + description: + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: + revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: + "glusterfs represents a Glusterfs mount on + the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + properties: + endpoints: + description: + "endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + path: + description: + "path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: string + readOnly: + description: + "readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: + "hostPath represents a pre-existing file or + directory on the host machine that is directly exposed + to the container. This is generally used for system agents + or other privileged things that are allowed to see the + host machine. Most containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write." + properties: + path: + description: + "path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + type: string + type: + description: + 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: + "iscsi represents an ISCSI Disk resource that + is attached to a kubelet's host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + properties: + chapAuthDiscovery: + description: + chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: + chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: + initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: + iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: + portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 + and 3260). + items: type: string - type: object - targetPortal: - description: targetPortal is iSCSI Target Portal. The - Portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and - 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a DNS_LABEL and - unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on the host that - shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or IP address of - the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - pdID: - description: pdID is the ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine - properties: - fsType: - description: fSType represents the filesystem type to - mount Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: volumeID uniquely identifies a Portworx - volume - type: string - required: - - volumeID - type: object - projected: - description: projected items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: defaultMode are the mode bits used to set - permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode bits. - Directories within the path are not affected by this - setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set. - format: int32 - type: integer - sources: - description: sources is the list of volume projections - items: - description: Projection that may be projected along - with other supported volume types + type: array + readOnly: + description: + readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: + secretRef is the CHAP Secret for iSCSI + target and initiator authentication properties: - configMap: - description: configMap information about the configMap - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced - ConfigMap will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. Paths - must be relative and may not contain the - '..' path or start with '..'. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + targetPortal: + description: + targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and + 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: + "name of the volume. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: string + nfs: + description: + "nfs represents an NFS mount on the host that + shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + properties: + path: + description: + "path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + readOnly: + description: + "readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: boolean + server: + description: + "server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: + "persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + properties: + claimName: + description: + "claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + type: string + readOnly: + description: + readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: + photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: + pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: + portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: + fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: + volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: + projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: + defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: + Projection that may be projected along + with other supported volume types + properties: + configMap: + description: + configMap information about the configMap + data to project + properties: items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. If not - specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the - file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path - of the file to map the key to. May - not be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: optional specify whether the - ConfigMap or its keys must be defined - type: boolean - type: object - downwardAPI: - description: downwardAPI information about the - downwardAPI data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file + description: + items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + downwardAPI: + description: + downwardAPI information about the + downwardAPI data to project + properties: items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits used - to set permissions on this file, must - be an octal value between 0000 and - 0777 or a decimal value between 0 - and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, - like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 - encoded. The first item of the relative - path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env - vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: secret information about the secret - data to project - properties: - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the Secret, the volume setup will error - unless it is marked optional. Paths must - be relative and may not contain the '..' - path or start with '..'. + description: + Items is a list of DownwardAPIVolume + file + items: + description: + DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: + "Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported." + properties: + apiVersion: + description: + Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: + Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: + "Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set." + format: int32 + type: integer + path: + description: + "Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the '..' path. Must be utf-8 + encoded. The first item of the relative + path must not start with '..'" + type: string + resourceFieldRef: + description: + "Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported." + properties: + containerName: + description: + "Container name: required + for volumes, optional for env + vars" + type: string + divisor: + anyOf: + - type: integer + - type: string + description: + Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: + "Required: resource + to select" + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: + secret information about the secret + data to project + properties: items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. If not - specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the - file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path - of the file to map the key to. May - not be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: optional field specify whether - the Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project - properties: - audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience defaults - to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The kubelet - will start trying to rotate the token if - the token is older than 80 percent of its - time to live or if the token is older than - 24 hours.Defaults to 1 hour and must be - at least 10 minutes. - format: int64 - type: integer - path: - description: path is the path relative to - the mount point of the file to project the - token into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime - properties: - group: - description: group to map volume access to Default is - no group - type: string - readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults - to false. - type: boolean - registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string as - host:port pair (multiple entries are separated with - commas) which acts as the central registry for volumes - type: string - tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned Quobyte - volumes, value is set by the plugin - type: string - user: - description: user to map volume access to Defaults to - serivceaccount user - type: string - volume: - description: volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' - type: string - image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: + description: + items if unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set." + format: int32 + type: integer + path: + description: + path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: + "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?" + type: string + optional: + description: + optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: + serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: + audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: + expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if + the token is older than 80 percent of its + time to live or if the token is older than + 24 hours.Defaults to 1 hour and must be + at least 10 minutes. + format: int64 + type: integer + path: + description: + path is the path relative to + the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: + quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: + group to map volume access to Default is + no group type: string - type: array - pool: - description: 'pool is the rados pool name. Default is - rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - user: - description: 'user is the rados user name. Default is - admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. - type: string - readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If this - is not provided, Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + readOnly: + description: + readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults + to false. + type: boolean + registry: + description: + registry represents a single or multiple + Quobyte Registry services specified as a string as + host:port pair (multiple entries are separated with + commas) which acts as the central registry for volumes + type: string + tenant: + description: + tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: + user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: + volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: + "rbd represents a Rados Block Device mount + on the host that shares a pod's lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md" + properties: + fsType: + description: + 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: + "image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + keyring: + description: + "keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + monitors: + description: + "monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + items: type: string - type: object - sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. - type: string - system: - description: system is the name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' - format: int32 - type: integer - items: - description: items If unspecified, each key-value pair - in the Data field of the referenced Secret will be - projected into the volume as a file whose name is - the key and content is the value. If specified, the - listed keys will be projected into the specified paths, - and unlisted keys will not be present. If a key is - specified which is not present in the Secret, the - volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within a - volume. + type: array + pool: + description: + "pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + readOnly: + description: + "readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: boolean + secretRef: + description: + "secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: - key: - description: key is the key to project. + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. If not specified, the volume - defaultMode will be used. This might be in conflict - with other options that affect the file mode, - like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + type: object + user: + description: + "user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: string + required: + - image + - monitors + type: object + scaleIO: + description: + scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: + gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: + protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: + readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef references to the secret for + ScaleIO user and other sensitive information. If this + is not provided, Login operation will fail. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" type: string - required: - - key - - path type: object - type: array - optional: - description: optional field specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in - the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret to use for - obtaining the StorageOS API credentials. If not specified, - default values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - type: object - volumeName: - description: volumeName is the human-readable name of - the StorageOS volume. Volume names are only unique - within a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows - the Kubernetes name scoping to be mirrored within - StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage Policy Based - Management (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. - type: string - volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name + sslEnabled: + description: + sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: + storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: + storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: + system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: + volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: + "secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + properties: + defaultMode: + description: + "defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set." + format: int32 + type: integer + items: + description: + items If unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: + Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: + "mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set." + format: int32 + type: integer + path: + description: + path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: + optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: + "secretName is the name of the secret in + the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + type: string + type: object + storageos: + description: + storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: + readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: + secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: + "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?" + type: string + type: object + volumeName: + description: + volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: + volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: + vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: + fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: + storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: + storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: + volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + successfulJobsHistoryLimit: + description: + SuccessfulJobsHistoryLimit determines how many past Scans + will be kept until the oldest one will be deleted, defaults to 3. + When set to 0, Scans will be deleted directly after completion + format: int32 + minimum: 0 + type: integer + required: + - interval + - scanSpec + type: object + status: + description: ScheduledScanStatus defines the observed state of ScheduledScan + properties: + findings: + description: + Findings Contains the findings stats of the most recent + completed scan + properties: + categories: + additionalProperties: + format: int64 + type: integer + description: + FindingCategories indicates the count of finding + broken down by their categories type: object - type: array - type: object - successfulJobsHistoryLimit: - description: SuccessfulJobsHistoryLimit determines how many past Scans - will be kept until the oldest one will be deleted, defaults to 3. - When set to 0, Scans will be deleted directly after completion - format: int32 - minimum: 0 - type: integer - required: - - interval - - scanSpec - type: object - status: - description: ScheduledScanStatus defines the observed state of ScheduledScan - properties: - findings: - description: Findings Contains the findings stats of the most recent - completed scan - properties: - categories: - additionalProperties: + count: + description: + Count indicates how many findings were identified + in total format: int64 type: integer - description: FindingCategories indicates the count of finding - broken down by their categories - type: object - count: - description: Count indicates how many findings were identified - in total - format: int64 - type: integer - severities: - description: FindingSeverities indicates the count of finding - with the respective severity - properties: - high: - format: int64 - type: integer - informational: - format: int64 - type: integer - low: - format: int64 - type: integer - medium: - format: int64 - type: integer - type: object - type: object - lastScheduleTime: - format: date-time - type: string - scanTypeHash: - description: ScanTypeHash contains a hash of the scanType used. Hash - is generated after the ScheduledScan is applied to the cluster and - is currently not guaranteed to be the one used by the scan controller. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + severities: + description: + FindingSeverities indicates the count of finding + with the respective severity + properties: + high: + format: int64 + type: integer + informational: + format: int64 + type: integer + low: + format: int64 + type: integer + medium: + format: int64 + type: integer + type: object + type: object + lastScheduleTime: + format: date-time + type: string + scanTypeHash: + description: + ScanTypeHash contains a hash of the scanType used. Hash + is generated after the ScheduledScan is applied to the cluster and + is currently not guaranteed to be the one used by the scan controller. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/operator/internal/telemetry/telemetry.go b/operator/internal/telemetry/telemetry.go index 52b1d0e887..e582a3d31e 100644 --- a/operator/internal/telemetry/telemetry.go +++ b/operator/internal/telemetry/telemetry.go @@ -67,7 +67,7 @@ func Loop(apiClient client.Client, log logr.Logger) { if envVersion, ok := os.LookupEnv("VERSION"); ok { version = envVersion } else { - version = "unkown" + version = "unknown" } ctx := context.Background() diff --git a/operator/templates/rbac/auth_proxy_role.yaml b/operator/templates/rbac/auth_proxy_role.yaml index b6d55774be..a46465e004 100644 --- a/operator/templates/rbac/auth_proxy_role.yaml +++ b/operator/templates/rbac/auth_proxy_role.yaml @@ -7,11 +7,11 @@ kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: ["authentication.k8s.io"] - resources: - - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] - resources: - - subjectaccessreviews - verbs: ["create"] + - apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] diff --git a/operator/templates/rbac/auth_proxy_role_binding.yaml b/operator/templates/rbac/auth_proxy_role_binding.yaml index 1837483c87..4f80d4d18a 100644 --- a/operator/templates/rbac/auth_proxy_role_binding.yaml +++ b/operator/templates/rbac/auth_proxy_role_binding.yaml @@ -11,7 +11,6 @@ roleRef: kind: ClusterRole name: proxy-role subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} - namespace: {{ .Release.Namespace }} - + - kind: ServiceAccount + name: { { .Values.serviceAccount.name } } + namespace: { { .Release.Namespace } } diff --git a/operator/templates/rbac/auth_proxy_service.yaml b/operator/templates/rbac/auth_proxy_service.yaml index 8f5f74a03a..4ff2326d1e 100644 --- a/operator/templates/rbac/auth_proxy_service.yaml +++ b/operator/templates/rbac/auth_proxy_service.yaml @@ -8,11 +8,11 @@ metadata: labels: control-plane: controller-manager name: controller-manager-metrics-service - namespace: {{ .Release.Namespace }} + namespace: { { .Release.Namespace } } spec: ports: - - name: https - port: 8443 - targetPort: https + - name: https + port: 8443 + targetPort: https selector: control-plane: controller-manager diff --git a/operator/templates/rbac/leader_election_role.yaml b/operator/templates/rbac/leader_election_role.yaml index 6efd65a7d3..35ee462bcc 100644 --- a/operator/templates/rbac/leader_election_role.yaml +++ b/operator/templates/rbac/leader_election_role.yaml @@ -8,34 +8,34 @@ kind: Role metadata: name: leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/operator/templates/rbac/leader_election_role_binding.yaml b/operator/templates/rbac/leader_election_role_binding.yaml index cdeb6b116b..2faf8217eb 100644 --- a/operator/templates/rbac/leader_election_role_binding.yaml +++ b/operator/templates/rbac/leader_election_role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: Role name: leader-election-role subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: { { .Values.serviceAccount.name } } + namespace: { { .Release.Namespace } } diff --git a/operator/templates/rbac/parsedefinition_editor_role.yaml b/operator/templates/rbac/parsedefinition_editor_role.yaml index a6468109ba..e3bbe6ad24 100644 --- a/operator/templates/rbac/parsedefinition_editor_role.yaml +++ b/operator/templates/rbac/parsedefinition_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: parsedefinition-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions/status + verbs: + - get diff --git a/operator/templates/rbac/parsedefinition_viewer_role.yaml b/operator/templates/rbac/parsedefinition_viewer_role.yaml index ffd2cb7348..4bc72d0428 100644 --- a/operator/templates/rbac/parsedefinition_viewer_role.yaml +++ b/operator/templates/rbac/parsedefinition_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: parsedefinition-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - parsedefinitions/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - parsedefinitions/status + verbs: + - get diff --git a/operator/templates/rbac/role_binding.yaml b/operator/templates/rbac/role_binding.yaml index 7e3674a3b7..76c830bc3c 100644 --- a/operator/templates/rbac/role_binding.yaml +++ b/operator/templates/rbac/role_binding.yaml @@ -11,6 +11,6 @@ roleRef: kind: ClusterRole name: manager-role subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: { { .Values.serviceAccount.name } } + namespace: { { .Release.Namespace } } diff --git a/operator/templates/rbac/scan_editor_role.yaml b/operator/templates/rbac/scan_editor_role.yaml index f084311de9..a5e1b07573 100644 --- a/operator/templates/rbac/scan_editor_role.yaml +++ b/operator/templates/rbac/scan_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scan-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scans - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scans/status + verbs: + - get diff --git a/operator/templates/rbac/scan_viewer_role.yaml b/operator/templates/rbac/scan_viewer_role.yaml index 5d7ef5bed5..9301ae9b61 100644 --- a/operator/templates/rbac/scan_viewer_role.yaml +++ b/operator/templates/rbac/scan_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scan-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scans - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scans + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scans/status + verbs: + - get diff --git a/operator/templates/rbac/scantype_editor_role.yaml b/operator/templates/rbac/scantype_editor_role.yaml index 3cc7613a67..53ed4ac2b6 100644 --- a/operator/templates/rbac/scantype_editor_role.yaml +++ b/operator/templates/rbac/scantype_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scantype-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes/status + verbs: + - get diff --git a/operator/templates/rbac/scantype_viewer_role.yaml b/operator/templates/rbac/scantype_viewer_role.yaml index 917a64bea7..eac6ba3875 100644 --- a/operator/templates/rbac/scantype_viewer_role.yaml +++ b/operator/templates/rbac/scantype_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scantype-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scantypes/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scantypes/status + verbs: + - get diff --git a/operator/templates/rbac/scheduledscan_editor_role.yaml b/operator/templates/rbac/scheduledscan_editor_role.yaml index 1f182e57af..2237f02799 100644 --- a/operator/templates/rbac/scheduledscan_editor_role.yaml +++ b/operator/templates/rbac/scheduledscan_editor_role.yaml @@ -8,21 +8,21 @@ kind: ClusterRole metadata: name: scheduledscan-editor-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans/status + verbs: + - get diff --git a/operator/templates/rbac/scheduledscan_viewer_role.yaml b/operator/templates/rbac/scheduledscan_viewer_role.yaml index 3387642230..9772f30875 100644 --- a/operator/templates/rbac/scheduledscan_viewer_role.yaml +++ b/operator/templates/rbac/scheduledscan_viewer_role.yaml @@ -8,17 +8,17 @@ kind: ClusterRole metadata: name: scheduledscan-viewer-role rules: -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans - verbs: - - get - - list - - watch -- apiGroups: - - execution.securecodebox.io - resources: - - scheduledscans/status - verbs: - - get + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans + verbs: + - get + - list + - watch + - apiGroups: + - execution.securecodebox.io + resources: + - scheduledscans/status + verbs: + - get diff --git a/operator/templates/rbac/serviceaccount.yaml b/operator/templates/rbac/serviceaccount.yaml index 6f3b1202ac..041432ce18 100644 --- a/operator/templates/rbac/serviceaccount.yaml +++ b/operator/templates/rbac/serviceaccount.yaml @@ -5,8 +5,6 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount.name }} - annotations: - {{ .Values.serviceAccount.annotations | toYaml | indent 4}} - labels: - {{ .Values.serviceAccount.labels | toYaml | indent 4 }} + name: { { .Values.serviceAccount.name } } + annotations: { { .Values.serviceAccount.annotations | toYaml | indent 4 } } + labels: { { .Values.serviceAccount.labels | toYaml | indent 4 } } diff --git a/operator/values.yaml b/operator/values.yaml index bc2fd80e5e..951770411e 100644 --- a/operator/values.yaml +++ b/operator/values.yaml @@ -81,7 +81,7 @@ minio: # Config for external s3 systems s3: - # s3.enabled Enable this and disable minio if you want to directly connect agains AWS S3, Google Cloud Storage, DigitalOcean Spaces etc. + # s3.enabled Enable this and disable minio if you want to directly connect against AWS S3, Google Cloud Storage, DigitalOcean Spaces etc. enabled: false endpoint: "fra1.digitaloceanspaces.com" bucket: "my-bucket" diff --git a/parser-sdk/nodejs/findings-schema.json b/parser-sdk/nodejs/findings-schema.json index 97ead32c9f..ae18db17b4 100644 --- a/parser-sdk/nodejs/findings-schema.json +++ b/parser-sdk/nodejs/findings-schema.json @@ -41,12 +41,7 @@ "severity": { "description": "Indicates the severity of the finding.", "type": "string", - "enum": [ - "INFORMATIONAL", - "LOW", - "MEDIUM", - "HIGH" - ] + "enum": ["INFORMATIONAL", "LOW", "MEDIUM", "HIGH"] }, "attributes": { "description": "Attributes are not standardized. They differ from Scanner to Scanner.", @@ -58,13 +53,7 @@ "nullable": true } }, - "required": [ - "id", - "parsed_at", - "severity", - "category", - "name" - ] + "required": ["id", "parsed_at", "severity", "category", "name"] } } } diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 883eb2062d..bb95a8ae0a 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -16,4 +16,4 @@ "uuid": "^8.3.2", "ws": "^8.7.0" } -} \ No newline at end of file +} diff --git a/scanners/amass/parser/parser.test.js b/scanners/amass/parser/parser.test.js index 8f37f88d6e..3bbf933383 100644 --- a/scanners/amass/parser/parser.test.js +++ b/scanners/amass/parser/parser.test.js @@ -31,7 +31,7 @@ test("example parser parses empty json files to zero findings", async () => { // expect(await parse(0)).toEqual([]); // }); -test("example parser parses single line json successully", async () => { +test("example parser parses single line json successfully", async () => { const fileContent = await readFile( __dirname + "/__testFiles__/example.com.jsonl", { diff --git a/scanners/amass/templates/amass-scan-type.yaml b/scanners/amass/templates/amass-scan-type.yaml index fb05bb96a6..5d070c4c21 100644 --- a/scanners/amass/templates/amass-scan-type.yaml +++ b/scanners/amass/templates/amass-scan-type.yaml @@ -192,7 +192,7 @@ data: #[Spyse] #apikey = - # Provide your Twitter App Consumer API key and Consumer API secrety key + # Provide your Twitter App Consumer API key and Consumer API secretly key #[Twitter] #apikey = #secret = diff --git a/scanners/angularjs-csti-scanner/scanner/acstis-script.py b/scanners/angularjs-csti-scanner/scanner/acstis-script.py index 4d0d5261bb..eac0c9d15b 100644 --- a/scanners/angularjs-csti-scanner/scanner/acstis-script.py +++ b/scanners/angularjs-csti-scanner/scanner/acstis-script.py @@ -23,15 +23,15 @@ # SOFTWARE. import argparse -import colorlog import logging -from nyawc.Options import Options +import colorlog from acstis.Driver import Driver from acstis.helpers.PackageHelper import PackageHelper - -from requests.auth import HTTPBasicAuth from nyawc.http.Request import Request +from nyawc.Options import Options +from requests.auth import HTTPBasicAuth + def main(): """Start the scanner.""" @@ -52,12 +52,12 @@ def main(): options.misc.verify_ssl_certificates = not args.ignore_invalid_certificates options.misc.trusted_certificates = args.trusted_certificates - #INSERT CUSTOM OPTIONS HERE - + # INSERT CUSTOM OPTIONS HERE driver = Driver(args, options) driver.start() + def require_arguments(): """Get the arguments from CLI input. Returns: @@ -66,47 +66,123 @@ def require_arguments(): parser = argparse.ArgumentParser( prog=PackageHelper.get_alias(), - formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=180, width=180) + formatter_class=lambda prog: argparse.HelpFormatter( + prog, max_help_position=180, width=180 + ), ) optional = parser._action_groups.pop() required = parser.add_argument_group("required arguments") - required.add_argument("-d", "--domain", help="the domain to scan (e.g. finnwea.com)", required=True) - - optional.add_argument("-c", "--crawl", help="use the crawler to scan all the entire domain", action="store_true") - optional.add_argument("-vp", "--verify-payload", help="use a javascript engine to verify if the payload was executed (otherwise false positives may occur)", action="store_true") - optional.add_argument("-av", "--angular-version", help="manually pass the angular version (e.g. 1.4.2) if the automatic check doesn't work", type=str, default=None) - optional.add_argument("-vrl", "--vulnerable-requests-log", help="log all vulnerable requests to this file (e.g. /var/logs/acstis.log or urls.log)", type=str, default=None) - optional.add_argument("-siv", "--stop-if-vulnerable", help="(crawler option) stop scanning if a vulnerability was found", action="store_true") - optional.add_argument("-pmm", "--protocol-must-match", help="(crawler option) only scan pages with the same protocol as the startpoint (e.g. only https)", action="store_true") - optional.add_argument("-sos", "--scan-other-subdomains", help="(crawler option) also scan pages that have another subdomain than the startpoint", action="store_true") - optional.add_argument("-soh", "--scan-other-hostnames", help="(crawler option) also scan pages that have another hostname than the startpoint", action="store_true") - optional.add_argument("-sot", "--scan-other-tlds", help="(crawler option) also scan pages that have another tld than the startpoint", action="store_true") - optional.add_argument("-md", "--max-depth", help="(crawler option) the maximum search depth (default is unlimited)", type=int) - optional.add_argument("-mt", "--max-threads", help="(crawler option) the maximum amount of simultaneous threads to use (default is 20)", type=int, default=20) - optional.add_argument("-iic", "--ignore-invalid-certificates", help="(crawler option) ignore invalid ssl certificates", action="store_true") - optional.add_argument("-tc", "--trusted-certificates", help="(crawler option) trust this CA_BUNDLE file (.pem) or directory with certificates", type=str, default=None) + required.add_argument( + "-d", "--domain", help="the domain to scan (e.g. finnwea.com)", required=True + ) + + optional.add_argument( + "-c", + "--crawl", + help="use the crawler to scan all the entire domain", + action="store_true", + ) + optional.add_argument( + "-vp", + "--verify-payload", + help="use a javascript engine to verify if the payload was executed (otherwise false positives may occur)", + action="store_true", + ) + optional.add_argument( + "-av", + "--angular-version", + help="manually pass the angular version (e.g. 1.4.2) if the automatic check doesn't work", + type=str, + default=None, + ) + optional.add_argument( + "-vrl", + "--vulnerable-requests-log", + help="log all vulnerable requests to this file (e.g. /var/logs/acstis.log or urls.log)", + type=str, + default=None, + ) + optional.add_argument( + "-siv", + "--stop-if-vulnerable", + help="(crawler option) stop scanning if a vulnerability was found", + action="store_true", + ) + optional.add_argument( + "-pmm", + "--protocol-must-match", + help="(crawler option) only scan pages with the same protocol as the startpoint (e.g. only https)", + action="store_true", + ) + optional.add_argument( + "-sos", + "--scan-other-subdomains", + help="(crawler option) also scan pages that have another subdomain than the startpoint", + action="store_true", + ) + optional.add_argument( + "-soh", + "--scan-other-hostnames", + help="(crawler option) also scan pages that have another hostname than the startpoint", + action="store_true", + ) + optional.add_argument( + "-sot", + "--scan-other-tlds", + help="(crawler option) also scan pages that have another tld than the startpoint", + action="store_true", + ) + optional.add_argument( + "-md", + "--max-depth", + help="(crawler option) the maximum search depth (default is unlimited)", + type=int, + ) + optional.add_argument( + "-mt", + "--max-threads", + help="(crawler option) the maximum amount of simultaneous threads to use (default is 20)", + type=int, + default=20, + ) + optional.add_argument( + "-iic", + "--ignore-invalid-certificates", + help="(crawler option) ignore invalid ssl certificates", + action="store_true", + ) + optional.add_argument( + "-tc", + "--trusted-certificates", + help="(crawler option) trust this CA_BUNDLE file (.pem) or directory with certificates", + type=str, + default=None, + ) parser._action_groups.append(optional) return parser.parse_args() + def setup_logger(): """Setup ColorLog to enable colored logging output.""" # Colored logging handler = colorlog.StreamHandler() - handler.setFormatter(colorlog.ColoredFormatter( - "%(log_color)s[%(levelname)s] %(message)s", - log_colors={ - "DEBUG": "cyan", - "INFO": "white", - "SUCCESS": "green", - "WARNING": "yellow", - "ERROR": "red", - "CRITICAL": "red,bg_white" - } - )) + handler.setFormatter( + colorlog.ColoredFormatter( + "%(log_color)s[%(levelname)s] %(message)s", + log_colors={ + "DEBUG": "cyan", + "INFO": "white", + "SUCCESS": "green", + "WARNING": "yellow", + "ERROR": "red", + "CRITICAL": "red,bg_white", + }, + ) + ) logger = colorlog.getLogger() logger.addHandler(handler) @@ -116,10 +192,7 @@ def setup_logger(): # Add SUCCESS logging logging.SUCCESS = 25 - logging.addLevelName( - logging.SUCCESS, - "SUCCESS" - ) + logging.addLevelName(logging.SUCCESS, "SUCCESS") # Disable Selenium logging selenium_logger = logging.getLogger("selenium.webdriver.remote.remote_connection") @@ -128,13 +201,15 @@ def setup_logger(): setattr( logger, "success", - lambda message, *args: logger._log(logging.SUCCESS, message, args) + lambda message, *args: logger._log(logging.SUCCESS, message, args), ) + def print_banner(): """Print a useless ASCII art banner to make things look a bit nicer.""" - print(""" + print( + """ /$$$$$$ /$$$$$$ /$$$$$$ /$$$$$$$$ /$$$$$$ /$$$$$$ /$$__ $$ /$$__ $$ /$$__ $$|__ $$__/|_ $$_/ /$$__ $$ | $$ \ $$| $$ \__/| $$ \__/ | $$ | $$ | $$ \__/ @@ -143,8 +218,12 @@ def print_banner(): | $$ | $$| $$ $$ /$$ \ $$ | $$ | $$ /$$ \ $$ | $$ | $$| $$$$$$/| $$$$$$/ | $$ /$$$$$$| $$$$$$/ |__/ |__/ \______/ \______/ |__/ |______/ \______/ -Version """ + PackageHelper.get_version() + """ - Copyright 2017 Tijme Gommers - """) +Version """ + + PackageHelper.get_version() + + """ - Copyright 2017 Tijme Gommers + """ + ) + if __name__ == "__main__": main() diff --git a/scanners/angularjs-csti-scanner/scanner/wrapper.sh b/scanners/angularjs-csti-scanner/scanner/wrapper.sh index 051a912b55..dffba45113 100644 --- a/scanners/angularjs-csti-scanner/scanner/wrapper.sh +++ b/scanners/angularjs-csti-scanner/scanner/wrapper.sh @@ -5,14 +5,14 @@ # If acstis config exists paste it into the acstis script if [ -f /home/angularjscsti/acstis/config/acstis-config.py ]; then echo "Insert acstis-config file into acstis script" - awk '{$1=$1}1' /home/angularjscsti/acstis/config/acstis-config.py | # Trim start end end spaces of each line of the config - awk -v x=4 '{printf "%" x "s%s\n", "", $0}' | # Add indentation of 4 to every line - sed -i '/#INSERT CUSTOM OPTIONS HERE/ r /dev/stdin' /home/angularjscsti/acstis/acstis-script.py # Insert config into script + awk '{$1=$1}1' /home/angularjscsti/acstis/config/acstis-config.py | # Trim start end end spaces of each line of the config + awk -v x=4 '{printf "%" x "s%s\n", "", $0}' | # Add indentation of 4 to every line + sed -i '/#INSERT CUSTOM OPTIONS HERE/ r /dev/stdin' /home/angularjscsti/acstis/acstis-script.py # Insert config into script fi python /home/angularjscsti/acstis/acstis-script.py $@ # If no finding occurred generate a empty file for the lurker if [ ! -f /home/securecodebox/findings.log ]; then - touch /home/securecodebox/findings.log + touch /home/securecodebox/findings.log fi exit 0 diff --git a/scanners/cmseek/cascading-rules/scan-joomla.yaml b/scanners/cmseek/cascading-rules/scan-joomla.yaml index b32067ea04..09756f2745 100644 --- a/scanners/cmseek/cascading-rules/scan-joomla.yaml +++ b/scanners/cmseek/cascading-rules/scan-joomla.yaml @@ -14,7 +14,7 @@ spec: anyOf: - category: "WEB APPLICATION" attributes: - MetaGenerator: "Joomla! - Open Source Content Management" + MetaGenerator: "Joomla! - Open Source Content Management" scanSpec: scanType: "cmseek" parameters: diff --git a/scanners/cmseek/examples/demo-old-joomla/findings.yaml b/scanners/cmseek/examples/demo-old-joomla/findings.yaml index 979fe09dd6..012ac46eb9 100644 --- a/scanners/cmseek/examples/demo-old-joomla/findings.yaml +++ b/scanners/cmseek/examples/demo-old-joomla/findings.yaml @@ -10,17 +10,19 @@ "location": "http://old-joomla.demo-targets.svc.cluster.local", "osi_layer": "APPLICATION", "severity": "HIGH", - "attributes": { - "joomla_version": "3.6.5", - "references": [ - "CVE : CVE-2016-10033", - "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", - "https://github.com/opsxcq/exploit-CVE-2016-10033", - "EDB : https://www.exploit-db.com/exploits/40969/" - ] - }, + "attributes": + { + "joomla_version": "3.6.5", + "references": + [ + "CVE : CVE-2016-10033", + "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", + "https://github.com/opsxcq/exploit-CVE-2016-10033", + "EDB : https://www.exploit-db.com/exploits/40969/", + ], + }, "id": "f41eeb1c-142e-46f2-96ae-01c9f7ca1aa7", - "parsed_at": "2021-09-28T15:06:29.225Z" + "parsed_at": "2021-09-28T15:06:29.225Z", }, { "name": "PPHPMailer Incomplete Fix Remote Code Execution Vulnerability", @@ -29,16 +31,18 @@ "location": "http://old-joomla.demo-targets.svc.cluster.local", "osi_layer": "APPLICATION", "severity": "HIGH", - "attributes": { - "joomla_version": "3.6.5", - "references": [ - "CVE : CVE-2016-10045", - "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", - "EDB : https://www.exploit-db.com/exploits/40969/" - ] - }, + "attributes": + { + "joomla_version": "3.6.5", + "references": + [ + "CVE : CVE-2016-10045", + "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", + "EDB : https://www.exploit-db.com/exploits/40969/", + ], + }, "id": "ef8852d1-719b-4a4d-8cd6-d818fffb6fd2", - "parsed_at": "2021-09-28T15:06:29.225Z" + "parsed_at": "2021-09-28T15:06:29.225Z", }, { "name": "Backup files", @@ -47,10 +51,11 @@ "location": "http://old-joomla.demo-targets.svc.cluster.local", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "joomla_backup_files": "http://old-joomla.demo-targets.svc.cluster.local/administrator," - }, + "attributes": + { + "joomla_backup_files": "http://old-joomla.demo-targets.svc.cluster.local/administrator,", + }, "id": "021b92a7-0c24-4f3c-b4b9-217e3a2e1ce9", - "parsed_at": "2021-09-28T15:06:29.225Z" - } -] \ No newline at end of file + "parsed_at": "2021-09-28T15:06:29.225Z", + }, +] diff --git a/scanners/cmseek/examples/demo-old-joomla/scan.yaml b/scanners/cmseek/examples/demo-old-joomla/scan.yaml index 3e638db1cd..e797910e78 100644 --- a/scanners/cmseek/examples/demo-old-joomla/scan.yaml +++ b/scanners/cmseek/examples/demo-old-joomla/scan.yaml @@ -11,4 +11,4 @@ spec: parameters: - "-u" - "old-joomla.demo-targets.svc.cluster.local" # Change to the website you want to scan - - "--no-redirect" \ No newline at end of file + - "--no-redirect" diff --git a/scanners/cmseek/parser/__testFiles__/joomla_with_core_vulns.json b/scanners/cmseek/parser/__testFiles__/joomla_with_core_vulns.json index 9e619b14be..1414bc205a 100644 --- a/scanners/cmseek/parser/__testFiles__/joomla_with_core_vulns.json +++ b/scanners/cmseek/parser/__testFiles__/joomla_with_core_vulns.json @@ -1,43 +1,43 @@ { - "cms_id": "joom", - "cms_name": "joomla", - "cms_url": "https://joomla.org", - "detection_param": "header", - "joomla_backup_files": [ - "http://172.26.0.3/1.save", - "http://172.26.0.3/1.tar.gz", - "http://172.26.0.3/1.rar", - "http://172.26.0.3/1.tar", - "http://172.26.0.3/1.zip", - "http://172.26.0.3/1.txt", - "http://172.26.0.3/1.tgz", - "http://172.26.0.3/1.tar.bz2", - "http://172.26.0.3/1.gz", - "http://172.26.0.3/1.tmp" - ], - "joomla_debug_mode": "enabled", - "joomla_readme_file": "http://172.26.0.3/README.txt", - "joomla_version": "3.6.5", - "last_scanned": "2021-09-22 10:29:01.721009", - "url": "http://172.26.0.3/", - "vulnerabilities": [ - { - "name": "PHPMailer Remote Code Execution Vulnerability", - "references": [ - "CVE : CVE-2016-10033", - "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", - "https://github.com/opsxcq/exploit-CVE-2016-10033", - "EDB : https://www.exploit-db.com/exploits/40969/" - ] - }, - { - "name": "PPHPMailer Incomplete Fix Remote Code Execution Vulnerability", - "references": [ - "CVE : CVE-2016-10045", - "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", - "EDB : https://www.exploit-db.com/exploits/40969/" - ] - } - ], - "vulnerabilities_count": "2" -} \ No newline at end of file + "cms_id": "joom", + "cms_name": "joomla", + "cms_url": "https://joomla.org", + "detection_param": "header", + "joomla_backup_files": [ + "http://172.26.0.3/1.save", + "http://172.26.0.3/1.tar.gz", + "http://172.26.0.3/1.rar", + "http://172.26.0.3/1.tar", + "http://172.26.0.3/1.zip", + "http://172.26.0.3/1.txt", + "http://172.26.0.3/1.tgz", + "http://172.26.0.3/1.tar.bz2", + "http://172.26.0.3/1.gz", + "http://172.26.0.3/1.tmp" + ], + "joomla_debug_mode": "enabled", + "joomla_readme_file": "http://172.26.0.3/README.txt", + "joomla_version": "3.6.5", + "last_scanned": "2021-09-22 10:29:01.721009", + "url": "http://172.26.0.3/", + "vulnerabilities": [ + { + "name": "PHPMailer Remote Code Execution Vulnerability", + "references": [ + "CVE : CVE-2016-10033", + "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", + "https://github.com/opsxcq/exploit-CVE-2016-10033", + "EDB : https://www.exploit-db.com/exploits/40969/" + ] + }, + { + "name": "PPHPMailer Incomplete Fix Remote Code Execution Vulnerability", + "references": [ + "CVE : CVE-2016-10045", + "https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection", + "EDB : https://www.exploit-db.com/exploits/40969/" + ] + } + ], + "vulnerabilities_count": "2" +} diff --git a/scanners/cmseek/parser/__testFiles__/joomla_without_core_vulns.json b/scanners/cmseek/parser/__testFiles__/joomla_without_core_vulns.json index 045b098180..bbcc6679df 100644 --- a/scanners/cmseek/parser/__testFiles__/joomla_without_core_vulns.json +++ b/scanners/cmseek/parser/__testFiles__/joomla_without_core_vulns.json @@ -1,10 +1,10 @@ { - "cms_id": "joom", - "cms_name": "joomla", - "cms_url": "https://joomla.org", - "detection_param": "header", - "joomla_debug_mode": "disabled", - "last_scanned": "2021-09-21 15:12:44.412355", - "url": "http://172.26.0.3/", - "vulnerabilities_count": "0" -} \ No newline at end of file + "cms_id": "joom", + "cms_name": "joomla", + "cms_url": "https://joomla.org", + "detection_param": "header", + "joomla_debug_mode": "disabled", + "last_scanned": "2021-09-21 15:12:44.412355", + "url": "http://172.26.0.3/", + "vulnerabilities_count": "0" +} diff --git a/scanners/cmseek/parser/__testFiles__/not_joomla.json b/scanners/cmseek/parser/__testFiles__/not_joomla.json index 9ecbd39f2a..febc9eafc0 100644 --- a/scanners/cmseek/parser/__testFiles__/not_joomla.json +++ b/scanners/cmseek/parser/__testFiles__/not_joomla.json @@ -1,8 +1,8 @@ { - "cms_id": "dru", - "cms_name": "Drupal", - "cms_url": "https://drupal.org", - "detection_param": "header", - "last_scanned": "2021-09-21 15:12:20.871380", - "url": "http://172.26.0.3/" -} \ No newline at end of file + "cms_id": "dru", + "cms_name": "Drupal", + "cms_url": "https://drupal.org", + "detection_param": "header", + "last_scanned": "2021-09-21 15:12:20.871380", + "url": "http://172.26.0.3/" +} diff --git a/scanners/cmseek/scanner/wrapper.sh b/scanners/cmseek/scanner/wrapper.sh index 057cdeef10..9f6789b9a1 100644 --- a/scanners/cmseek/scanner/wrapper.sh +++ b/scanners/cmseek/scanner/wrapper.sh @@ -4,11 +4,10 @@ python3 /home/cmseek/cmseek.py "$@" - # Find how many files with the JSON extension in Result folder are. -lines=$(find /home/cmseek/Result/ -type f -name "*.json"| wc -l) +lines=$(find /home/cmseek/Result/ -type f -name "*.json" | wc -l) #The cmseek scanner names the folder where the result is, the target url. That is why it's replaced with a wildcard here. if [ $lines -eq 1 ]; then -mv /home/cmseek/Result/*/cms.json /home/securecodebox/cmseek.json -fi \ No newline at end of file + mv /home/cmseek/Result/*/cms.json /home/securecodebox/cmseek.json +fi diff --git a/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml b/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml index 96d20a2f49..b2f279621b 100644 --- a/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml +++ b/scanners/git-repo-scanner/examples/github-secureCodeBox-scan/findings.yaml @@ -1,5 +1,5 @@ # SPDX-FileCopyrightText: the secureCodeBox authors -# +# # SPDX-License-Identifier: Apache-2.0 [ @@ -9,25 +9,27 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "144957631", - "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", - "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "openshift", - "ansible-role", - "ansible", - "security-tools", - "security" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-08-16T08:11:15Z", - "last_activity_at": "2021-02-26T14:43:24Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "144957631", + "web_url": "https://github.com/secureCodeBox/ansible-role-securecodebox-openshift", + "full_name": "secureCodeBox/ansible-role-securecodebox-openshift", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "openshift", + "ansible-role", + "ansible", + "security-tools", + "security", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-08-16T08:11:15Z", + "last_activity_at": "2021-02-26T14:43:24Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -35,26 +37,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "142870794", - "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", - "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "security", - "security-automation", - "security-testing", - "jenkins-pipeline", - "jenkinsfile", - "demo" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-07-30T12:13:41Z", - "last_activity_at": "2021-02-26T14:42:45Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "142870794", + "web_url": "https://github.com/secureCodeBox/integration-pipeline-jenkins-examples", + "full_name": "secureCodeBox/integration-pipeline-jenkins-examples", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "security", + "security-automation", + "security-testing", + "jenkins-pipeline", + "jenkinsfile", + "demo", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-07-30T12:13:41Z", + "last_activity_at": "2021-02-26T14:42:45Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -62,19 +66,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "214418800", - "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", - "full_name": "secureCodeBox/swagger-petstore-openshift", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-10-11T11:28:15Z", - "last_activity_at": "2019-10-11T11:37:41Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "214418800", + "web_url": "https://github.com/secureCodeBox/swagger-petstore-openshift", + "full_name": "secureCodeBox/swagger-petstore-openshift", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-10-11T11:28:15Z", + "last_activity_at": "2019-10-11T11:37:41Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -82,19 +87,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "180568880", - "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", - "full_name": "secureCodeBox/ruby-scanner-scaffolding", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-04-10T11:39:04Z", - "last_activity_at": "2021-02-26T14:42:14Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "180568880", + "web_url": "https://github.com/secureCodeBox/ruby-scanner-scaffolding", + "full_name": "secureCodeBox/ruby-scanner-scaffolding", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-04-10T11:39:04Z", + "last_activity_at": "2021-02-26T14:42:14Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -102,19 +108,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "141462466", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", - "full_name": "secureCodeBox/scanner-infrastructure-amass", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2018-07-18T16:38:18Z", - "last_activity_at": "2021-02-26T14:41:40Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "141462466", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-amass", + "full_name": "secureCodeBox/scanner-infrastructure-amass", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2018-07-18T16:38:18Z", + "last_activity_at": "2021-02-26T14:41:40Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -122,19 +129,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "251007807", - "web_url": "https://github.com/secureCodeBox/zap-extensions", - "full_name": "secureCodeBox/zap-extensions", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2020-03-29T10:40:12Z", - "last_activity_at": "2020-03-29T10:40:13Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "251007807", + "web_url": "https://github.com/secureCodeBox/zap-extensions", + "full_name": "secureCodeBox/zap-extensions", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2020-03-29T10:40:12Z", + "last_activity_at": "2020-03-29T10:40:13Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -142,19 +150,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "171298120", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", - "full_name": "secureCodeBox/scanner-infrastructure-ssh", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-02-18T14:23:57Z", - "last_activity_at": "2021-02-26T14:40:57Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "171298120", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ssh", + "full_name": "secureCodeBox/scanner-infrastructure-ssh", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-02-18T14:23:57Z", + "last_activity_at": "2021-02-26T14:40:57Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -162,26 +171,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "128396681", - "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", - "full_name": "secureCodeBox/scanner-webserver-nikto", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "nikto", - "security", - "security-scanner", - "security-automation", - "security-tools", - "microservice" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-04-06T13:13:14Z", - "last_activity_at": "2021-02-26T14:40:31Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "128396681", + "web_url": "https://github.com/secureCodeBox/scanner-webserver-nikto", + "full_name": "secureCodeBox/scanner-webserver-nikto", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "nikto", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-04-06T13:13:14Z", + "last_activity_at": "2021-02-26T14:40:31Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -189,26 +200,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "134673181", - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", - "full_name": "secureCodeBox/scanner-webapplication-arachni", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "arachni", - "security", - "security-scanner", - "security-automation", - "security-tools", - "microservice" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-05-24T06:47:00Z", - "last_activity_at": "2021-02-26T14:40:03Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "134673181", + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-arachni", + "full_name": "secureCodeBox/scanner-webapplication-arachni", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "arachni", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-05-24T06:47:00Z", + "last_activity_at": "2021-02-26T14:40:03Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -216,19 +229,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "180543766", - "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", - "full_name": "secureCodeBox/scanner-cms-wpscan", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-04-10T09:03:38Z", - "last_activity_at": "2021-02-26T14:39:25Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "180543766", + "web_url": "https://github.com/secureCodeBox/scanner-cms-wpscan", + "full_name": "secureCodeBox/scanner-cms-wpscan", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-04-10T09:03:38Z", + "last_activity_at": "2021-02-26T14:39:25Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -236,26 +250,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "124402117", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", - "full_name": "secureCodeBox/scanner-infrastructure-nmap", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "nmap", - "security", - "security-scanner", - "security-automation", - "security-tools", - "microservice" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-03-08T14:20:36Z", - "last_activity_at": "2021-06-11T21:49:14Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "124402117", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-nmap", + "full_name": "secureCodeBox/scanner-infrastructure-nmap", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "nmap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-03-08T14:20:36Z", + "last_activity_at": "2021-06-11T21:49:14Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -263,26 +279,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "133507929", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", - "full_name": "secureCodeBox/scanner-infrastructure-sslyze", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "sslyze", - "security", - "security-scanner", - "security-automation", - "security-tools", - "microservice" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-05-15T11:43:11Z", - "last_activity_at": "2021-02-26T14:38:12Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "133507929", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-sslyze", + "full_name": "secureCodeBox/scanner-infrastructure-sslyze", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "sslyze", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-05-15T11:43:11Z", + "last_activity_at": "2021-02-26T14:38:12Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -290,19 +308,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "223956455", - "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", - "full_name": "secureCodeBox/scanner-infrastructure-ncrack", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-11-25T13:34:16Z", - "last_activity_at": "2021-02-26T14:37:34Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "223956455", + "web_url": "https://github.com/secureCodeBox/scanner-infrastructure-ncrack", + "full_name": "secureCodeBox/scanner-infrastructure-ncrack", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-11-25T13:34:16Z", + "last_activity_at": "2021-02-26T14:37:34Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -310,19 +329,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "277835641", - "web_url": "https://github.com/secureCodeBox/zaproxy", - "full_name": "secureCodeBox/zaproxy", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2020-07-07T14:14:16Z", - "last_activity_at": "2020-07-07T14:14:18Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "277835641", + "web_url": "https://github.com/secureCodeBox/zaproxy", + "full_name": "secureCodeBox/zaproxy", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2020-07-07T14:14:16Z", + "last_activity_at": "2020-07-07T14:14:18Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -330,27 +350,29 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "249731346", - "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", - "full_name": "secureCodeBox/secureCodeBox-v2", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "securecodebox", - "security-tools", - "penetration-testers", - "devsecops", - "kubernetes-operator", - "scanning", - "hacktoberfest" - ], - "owner_name": "secureCodeBox", - "created_at": "2020-03-24T14:33:08Z", - "last_activity_at": "2020-11-05T15:40:55Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "249731346", + "web_url": "https://github.com/secureCodeBox/secureCodeBox-v2", + "full_name": "secureCodeBox/secureCodeBox-v2", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "securecodebox", + "security-tools", + "penetration-testers", + "devsecops", + "kubernetes-operator", + "scanning", + "hacktoberfest", + ], + "owner_name": "secureCodeBox", + "created_at": "2020-03-24T14:33:08Z", + "last_activity_at": "2020-11-05T15:40:55Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -358,19 +380,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "203588805", - "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", - "full_name": "secureCodeBox/securecodebox.github.io", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-08-21T13:21:09Z", - "last_activity_at": "2020-10-16T11:40:25Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "203588805", + "web_url": "https://github.com/secureCodeBox/securecodebox.github.io", + "full_name": "secureCodeBox/securecodebox.github.io", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-08-21T13:21:09Z", + "last_activity_at": "2020-10-16T11:40:25Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -378,19 +401,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "126042943", - "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", - "full_name": "secureCodeBox/nodejs-scanner-scaffolding", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2018-03-20T15:48:39Z", - "last_activity_at": "2021-02-26T14:36:53Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "126042943", + "web_url": "https://github.com/secureCodeBox/nodejs-scanner-scaffolding", + "full_name": "secureCodeBox/nodejs-scanner-scaffolding", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2018-03-20T15:48:39Z", + "last_activity_at": "2021-02-26T14:36:53Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -398,26 +422,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "128920739", - "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", - "full_name": "secureCodeBox/scanner-webapplication-zap", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "zap", - "security", - "security-scanner", - "security-automation", - "security-tools", - "microservice" - ], - "owner_name": "secureCodeBox", - "created_at": "2018-04-10T11:17:29Z", - "last_activity_at": "2021-02-26T14:36:02Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "128920739", + "web_url": "https://github.com/secureCodeBox/scanner-webapplication-zap", + "full_name": "secureCodeBox/scanner-webapplication-zap", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "zap", + "security", + "security-scanner", + "security-automation", + "security-tools", + "microservice", + ], + "owner_name": "secureCodeBox", + "created_at": "2018-04-10T11:17:29Z", + "last_activity_at": "2021-02-26T14:36:02Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -425,19 +451,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "123422137", - "web_url": "https://github.com/secureCodeBox/engine", - "full_name": "secureCodeBox/engine", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2018-03-01T10:50:05Z", - "last_activity_at": "2021-02-26T14:35:25Z", - "visibility": "public", - "archived": true - } + "attributes": + { + "id": "123422137", + "web_url": "https://github.com/secureCodeBox/engine", + "full_name": "secureCodeBox/engine", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2018-03-01T10:50:05Z", + "last_activity_at": "2021-02-26T14:35:25Z", + "visibility": "public", + "archived": true, + }, }, { "name": "GitHub Repo", @@ -445,19 +472,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "327336031", - "web_url": "https://github.com/secureCodeBox/gitleaks", - "full_name": "secureCodeBox/gitleaks", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2021-01-06T14:27:46Z", - "last_activity_at": "2021-03-06T20:23:36Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "327336031", + "web_url": "https://github.com/secureCodeBox/gitleaks", + "full_name": "secureCodeBox/gitleaks", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2021-01-06T14:27:46Z", + "last_activity_at": "2021-03-06T20:23:36Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -465,19 +493,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "303349727", - "web_url": "https://github.com/secureCodeBox/kubeaudit", - "full_name": "secureCodeBox/kubeaudit", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2020-10-12T09:58:26Z", - "last_activity_at": "2020-10-12T09:58:28Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "303349727", + "web_url": "https://github.com/secureCodeBox/kubeaudit", + "full_name": "secureCodeBox/kubeaudit", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2020-10-12T09:58:26Z", + "last_activity_at": "2020-10-12T09:58:28Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -485,19 +514,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "357207085", - "web_url": "https://github.com/secureCodeBox/django-DefectDojo", - "full_name": "secureCodeBox/django-DefectDojo", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2021-04-12T13:36:31Z", - "last_activity_at": "2021-12-14T14:46:54Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "357207085", + "web_url": "https://github.com/secureCodeBox/django-DefectDojo", + "full_name": "secureCodeBox/django-DefectDojo", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2021-04-12T13:36:31Z", + "last_activity_at": "2021-12-14T14:46:54Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -505,19 +535,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "204701677", - "web_url": "https://github.com/secureCodeBox/ssh_scan", - "full_name": "secureCodeBox/ssh_scan", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-08-27T12:46:48Z", - "last_activity_at": "2021-06-22T12:11:47Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "204701677", + "web_url": "https://github.com/secureCodeBox/ssh_scan", + "full_name": "secureCodeBox/ssh_scan", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-08-27T12:46:48Z", + "last_activity_at": "2021-06-22T12:11:47Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -525,19 +556,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "222679857", - "web_url": "https://github.com/secureCodeBox/nikto", - "full_name": "secureCodeBox/nikto", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2019-11-19T11:25:21Z", - "last_activity_at": "2021-08-25T14:24:37Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "222679857", + "web_url": "https://github.com/secureCodeBox/nikto", + "full_name": "secureCodeBox/nikto", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2019-11-19T11:25:21Z", + "last_activity_at": "2021-08-25T14:24:37Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -545,19 +577,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "409468006", - "web_url": "https://github.com/secureCodeBox/sslyze", - "full_name": "secureCodeBox/sslyze", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2021-09-23T06:03:50Z", - "last_activity_at": "2021-09-23T06:03:51Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "409468006", + "web_url": "https://github.com/secureCodeBox/sslyze", + "full_name": "secureCodeBox/sslyze", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2021-09-23T06:03:50Z", + "last_activity_at": "2021-09-23T06:03:51Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -565,26 +598,28 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "327269915", - "web_url": "https://github.com/secureCodeBox/defectdojo-client-java", - "full_name": "secureCodeBox/defectdojo-client-java", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "defectdojo", - "owasp", - "client-library", - "java", - "gradle", - "hacktoberfest" - ], - "owner_name": "secureCodeBox", - "created_at": "2021-01-06T09:59:17Z", - "last_activity_at": "2021-10-20T08:45:43Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "327269915", + "web_url": "https://github.com/secureCodeBox/defectdojo-client-java", + "full_name": "secureCodeBox/defectdojo-client-java", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "defectdojo", + "owasp", + "client-library", + "java", + "gradle", + "hacktoberfest", + ], + "owner_name": "secureCodeBox", + "created_at": "2021-01-06T09:59:17Z", + "last_activity_at": "2021-10-20T08:45:43Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -592,19 +627,20 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "288212154", - "web_url": "https://github.com/secureCodeBox/telemetry", - "full_name": "secureCodeBox/telemetry", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [], - "owner_name": "secureCodeBox", - "created_at": "2020-08-17T15:09:19Z", - "last_activity_at": "2021-12-06T14:24:34Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "288212154", + "web_url": "https://github.com/secureCodeBox/telemetry", + "full_name": "secureCodeBox/telemetry", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": [], + "owner_name": "secureCodeBox", + "created_at": "2020-08-17T15:09:19Z", + "last_activity_at": "2021-12-06T14:24:34Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -612,24 +648,21 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "292293538", - "web_url": "https://github.com/secureCodeBox/documentation", - "full_name": "secureCodeBox/documentation", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "securecodebox", - "docusaurus", - "documentation", - "hacktoberfest" - ], - "owner_name": "secureCodeBox", - "created_at": "2020-09-02T13:39:10Z", - "last_activity_at": "2021-12-15T13:55:43Z", - "visibility": "public", - "archived": false - } + "attributes": + { + "id": "292293538", + "web_url": "https://github.com/secureCodeBox/documentation", + "full_name": "secureCodeBox/documentation", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + ["securecodebox", "docusaurus", "documentation", "hacktoberfest"], + "owner_name": "secureCodeBox", + "created_at": "2020-09-02T13:39:10Z", + "last_activity_at": "2021-12-15T13:55:43Z", + "visibility": "public", + "archived": false, + }, }, { "name": "GitHub Repo", @@ -637,30 +670,32 @@ "category": "Git Repository", "osi_layer": "APPLICATION", "severity": "INFORMATIONAL", - "attributes": { - "id": "80711933", - "web_url": "https://github.com/secureCodeBox/secureCodeBox", - "full_name": "secureCodeBox/secureCodeBox", - "owner_type": "Organization", - "owner_id": "34573705", - "topics": [ - "security", - "security-automation", - "security-tools", - "security-testing", - "securecodebox", - "devsecops", - "kubernetes", - "kubernetes-operator", - "owasp", - "owasp-zap", - "hacktoberfest" - ], - "owner_name": "secureCodeBox", - "created_at": "2017-02-02T09:48:05Z", - "last_activity_at": "2021-12-21T09:48:07Z", - "visibility": "public", - "archived": false - } - } -] \ No newline at end of file + "attributes": + { + "id": "80711933", + "web_url": "https://github.com/secureCodeBox/secureCodeBox", + "full_name": "secureCodeBox/secureCodeBox", + "owner_type": "Organization", + "owner_id": "34573705", + "topics": + [ + "security", + "security-automation", + "security-tools", + "security-testing", + "securecodebox", + "devsecops", + "kubernetes", + "kubernetes-operator", + "owasp", + "owasp-zap", + "hacktoberfest", + ], + "owner_name": "secureCodeBox", + "created_at": "2017-02-02T09:48:05Z", + "last_activity_at": "2021-12-21T09:48:07Z", + "visibility": "public", + "archived": false, + }, + }, +] diff --git a/scanners/git-repo-scanner/parser/__testFiles__/empty-findings.json b/scanners/git-repo-scanner/parser/__testFiles__/empty-findings.json index 0d4f101c7a..fe51488c70 100644 --- a/scanners/git-repo-scanner/parser/__testFiles__/empty-findings.json +++ b/scanners/git-repo-scanner/parser/__testFiles__/empty-findings.json @@ -1,2 +1 @@ -[ -] +[] diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py index d7249fd348..d14bad1a35 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/__main__.py @@ -6,24 +6,24 @@ import json import logging import sys -from datetime import datetime + # https://docs.python.org/3/library/datetime.html -from datetime import timedelta +from datetime import datetime, timedelta from pathlib import Path import github import gitlab import pytz -# https://pypi.org/project/pytimeparse/ -from pytimeparse.timeparse import timeparse - from git_repo_scanner.abstract_scanner import AbstractScanner from git_repo_scanner.github_scanner import GitHubScanner from git_repo_scanner.gitlab_scanner import GitLabScanner -log_format = '%(asctime)s - %(levelname)-7s - %(name)s - %(message)s' +# https://pypi.org/project/pytimeparse/ +from pytimeparse.timeparse import timeparse + +log_format = "%(asctime)s - %(levelname)-7s - %(name)s - %(message)s" logging.basicConfig(level=logging.INFO, format=log_format) -logger = logging.getLogger('git_repo_scanner') +logger = logging.getLogger("git_repo_scanner") now_utc = pytz.utc.localize(datetime.utcnow()) @@ -32,20 +32,20 @@ def main(): args = get_parser_args() if not args.git_type: - logger.info('Argument error: No git type specified') + logger.info("Argument error: No git type specified") sys.exit(1) findings = process(args) - logger.info('Write findings to file...') + logger.info("Write findings to file...") write_findings_to_file(args, findings) - logger.info('Finished!') + logger.info("Finished!") def process(args): scanner: AbstractScanner - if args.git_type == 'gitlab': + if args.git_type == "gitlab": scanner = GitLabScanner( url=args.url, access_token=args.access_token, @@ -53,46 +53,45 @@ def process(args): ignored_groups=args.ignore_groups, ignore_repos=args.ignore_repos, obey_rate_limit=args.obey_rate_limit, - annotate_latest_commit_id=args.annotate_latest_commit_id + annotate_latest_commit_id=args.annotate_latest_commit_id, ) - elif args.git_type == 'github': + elif args.git_type == "github": scanner = GitHubScanner( url=args.url, access_token=args.access_token, organization=args.organization, ignore_repos=args.ignore_repos, obey_rate_limit=args.obey_rate_limit, - annotate_latest_commit_id=args.annotate_latest_commit_id + annotate_latest_commit_id=args.annotate_latest_commit_id, ) else: - logger.info('Argument error: Unknown git type') + logger.info("Argument error: Unknown git type") sys.exit(1) try: return scanner.process( - args.activity_since_duration, - args.activity_until_duration + args.activity_since_duration, args.activity_until_duration ) except argparse.ArgumentError as e: - logger.error(f'Argument error: {e}') + logger.error(f"Argument error: {e}") sys.exit(1) except gitlab.exceptions.GitlabAuthenticationError: - logger.info('No permission. Check your access token.') + logger.info("No permission. Check your access token.") sys.exit(1) except github.GithubException as e: logger.error(f'Github API Exception: {e.status} -> {e.data["message"]}') sys.exit(2) except gitlab.GitlabError as e: - logger.error(f'Gitlab API Exception: {e}') + logger.error(f"Gitlab API Exception: {e}") sys.exit(2) except Exception as e: - logger.error(f'Unexpected error: {e}') + logger.error(f"Unexpected error: {e}") sys.exit(3) def write_findings_to_file(args, findings): Path(args.file_output).mkdir(parents=True, exist_ok=True) - with open(f'{args.file_output}/git-repo-scanner-findings.json', 'w') as out: + with open(f"{args.file_output}/git-repo-scanner-findings.json", "w") as out: json.dump(findings, out) @@ -100,73 +99,91 @@ def parse_duration_as_datetime(val: str): try: parsed = timeparse(val) if parsed is None: - raise argparse.ArgumentTypeError(f'Not a valid duration: {val}.') + raise argparse.ArgumentTypeError(f"Not a valid duration: {val}.") delta = timedelta(seconds=parsed) return now_utc - delta except Exception: - raise argparse.ArgumentTypeError(f'Not a valid duration: {val}.') + raise argparse.ArgumentTypeError(f"Not a valid duration: {val}.") def get_parser_args(args=None): - parser = argparse.ArgumentParser(prog='git_repo_scanner', - description='Scan public or private git repositories of organizations or groups') - parser.add_argument('--git-type', - help='Repository type can be github or GitLab', - choices=['github', 'gitlab'], - required=True) - parser.add_argument('--file-output', - help='The path of the output file', - required=True), - parser.add_argument('--url', help='The GitLab url or a GitHub enterprise api url.', - required=False) - parser.add_argument('--access-token', - help='An access token for authentication', - required=False) - parser.add_argument('--organization', - help='The name of the GitHub organization to scan', - required=False) - parser.add_argument('--group', - help='The id of the GitLab group to scan', - type=int, - required=False) - parser.add_argument('--ignore-repos', - help='A list of repo ids to ignore', - action='extend', - nargs='+', - type=int, - default=[], - required=False) - parser.add_argument('--ignore-groups', - help='A list of GitLab group ids to ignore', - action='extend', - nargs='+', - type=int, - default=[], - required=False) - parser.add_argument('--obey-rate-limit', - help='True to obey the rate limit of the GitLab or GitHub server (default), otherwise False', - type=bool, - default=True, - required=False) - parser.add_argument('--annotate-latest-commit-id', - help="Annotate the results with the latest commit hash of the main branch of the repository. " - "Will result in up to two extra API hits per repository", - type=bool, - default=False, - required=False) - parser.add_argument('--activity-since-duration', - help='Return git repo findings with repo activity (e.g. commits) more recent than a specific ' - 'date expressed by a duration (now - duration)', - type=parse_duration_as_datetime, - required=False) - parser.add_argument('--activity-until-duration', - help='Return git repo findings with repo activity (e.g. commits) older than a specific date ' - 'expressed by a duration (now - duration)', - type=parse_duration_as_datetime, - required=False) + parser = argparse.ArgumentParser( + prog="git_repo_scanner", + description="Scan public or private git repositories of organizations or groups", + ) + parser.add_argument( + "--git-type", + help="Repository type can be github or GitLab", + choices=["github", "gitlab"], + required=True, + ) + parser.add_argument( + "--file-output", help="The path of the output file", required=True + ), + parser.add_argument( + "--url", help="The GitLab url or a GitHub enterprise api url.", required=False + ) + parser.add_argument( + "--access-token", help="An access token for authentication", required=False + ) + parser.add_argument( + "--organization", + help="The name of the GitHub organization to scan", + required=False, + ) + parser.add_argument( + "--group", help="The id of the GitLab group to scan", type=int, required=False + ) + parser.add_argument( + "--ignore-repos", + help="A list of repo ids to ignore", + action="extend", + nargs="+", + type=int, + default=[], + required=False, + ) + parser.add_argument( + "--ignore-groups", + help="A list of GitLab group ids to ignore", + action="extend", + nargs="+", + type=int, + default=[], + required=False, + ) + parser.add_argument( + "--obey-rate-limit", + help="True to obey the rate limit of the GitLab or GitHub server (default), otherwise False", + type=bool, + default=True, + required=False, + ) + parser.add_argument( + "--annotate-latest-commit-id", + help="Annotate the results with the latest commit hash of the main branch of the repository. " + "Will result in up to two extra API hits per repository", + type=bool, + default=False, + required=False, + ) + parser.add_argument( + "--activity-since-duration", + help="Return git repo findings with repo activity (e.g. commits) more recent than a specific " + "date expressed by a duration (now - duration)", + type=parse_duration_as_datetime, + required=False, + ) + parser.add_argument( + "--activity-until-duration", + help="Return git repo findings with repo activity (e.g. commits) older than a specific date " + "expressed by a duration (now - duration)", + type=parse_duration_as_datetime, + required=False, + ) return parser.parse_args(args) -if __name__ == '__main__': +if __name__ == "__main__": main() diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py index 92748e3ec1..175b247379 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/abstract_scanner.py @@ -10,38 +10,51 @@ class AbstractScanner(abc.ABC): - @property @abc.abstractmethod def git_type(self) -> str: raise NotImplementedError() @abc.abstractmethod - def process(self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None) -> List[FINDING]: + def process( + self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None + ) -> List[FINDING]: raise NotImplementedError() - def _create_finding(self, repo_id: str, web_url: str, full_name: str, owner_type: str, owner_id: str, - owner_name: str, created_at: str, last_activity_at: str, visibility: str, - archived: bool, topics: list, last_commit_id: str = None) -> FINDING: + def _create_finding( + self, + repo_id: str, + web_url: str, + full_name: str, + owner_type: str, + owner_id: str, + owner_name: str, + created_at: str, + last_activity_at: str, + visibility: str, + archived: bool, + topics: list, + last_commit_id: str = None, + ) -> FINDING: finding = { - 'name': f'{self.git_type} Repo', - 'description': f'A {self.git_type} repository', - 'category': 'Git Repository', - 'osi_layer': 'APPLICATION', - 'severity': 'INFORMATIONAL', - 'attributes': { - 'id': repo_id, - 'web_url': web_url, - 'full_name': full_name, - 'owner_type': owner_type, - 'owner_id': owner_id, - 'topics': topics, - 'owner_name': owner_name, - 'created_at': created_at, - 'last_activity_at': last_activity_at, - 'visibility': visibility, - 'archived': archived, - } + "name": f"{self.git_type} Repo", + "description": f"A {self.git_type} repository", + "category": "Git Repository", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": { + "id": repo_id, + "web_url": web_url, + "full_name": full_name, + "owner_type": owner_type, + "owner_id": owner_id, + "topics": topics, + "owner_name": owner_name, + "created_at": created_at, + "last_activity_at": last_activity_at, + "visibility": visibility, + "archived": archived, + }, } if last_commit_id is not None: finding["attributes"]["last_commit_id"] = last_commit_id diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py index e21770359a..088b8b4b9f 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/github_scanner.py @@ -7,26 +7,36 @@ import time from calendar import timegm from datetime import datetime, timezone -from typing import Optional, List +from typing import List, Optional import github +from git_repo_scanner.abstract_scanner import FINDING, AbstractScanner from github.Organization import Organization from github.PaginatedList import PaginatedList from github.Repository import Repository -from git_repo_scanner.abstract_scanner import AbstractScanner, FINDING - class GitHubScanner(AbstractScanner): - LOGGER = logging.getLogger('git_repo_scanner') - - def __init__(self, url: Optional[str], access_token: Optional[str], organization: str, ignore_repos: List[int], - obey_rate_limit: bool = True, annotate_latest_commit_id: bool = False) -> None: + LOGGER = logging.getLogger("git_repo_scanner") + + def __init__( + self, + url: Optional[str], + access_token: Optional[str], + organization: str, + ignore_repos: List[int], + obey_rate_limit: bool = True, + annotate_latest_commit_id: bool = False, + ) -> None: super().__init__() if not organization: - raise argparse.ArgumentError(None, 'Organization required for GitHub connection.') + raise argparse.ArgumentError( + None, "Organization required for GitHub connection." + ) if url and not access_token: - raise argparse.ArgumentError(None, 'Access token required for GitHub connection.') + raise argparse.ArgumentError( + None, "Access token required for GitHub connection." + ) self._url = url self._access_token = access_token @@ -38,60 +48,76 @@ def __init__(self, url: Optional[str], access_token: Optional[str], organization @property def git_type(self) -> str: - return 'GitHub' + return "GitHub" - def process(self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None) -> List[FINDING]: + def process( + self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None + ) -> List[FINDING]: self._setup() return self._process_repos(start_time, end_time) - def _process_repos(self, start_time: Optional[datetime], end_time: Optional[datetime]): + def _process_repos( + self, start_time: Optional[datetime], end_time: Optional[datetime] + ): findings = [] org: Organization = self._gh.get_organization(self._organization) - repos: PaginatedList[Repository] = org.get_repos(type='all', sort='pushed', direction='asc') + repos: PaginatedList[Repository] = org.get_repos( + type="all", sort="pushed", direction="asc" + ) if start_time: - repos = org.get_repos(type='all', sort='pushed', direction='desc') + repos = org.get_repos(type="all", sort="pushed", direction="desc") for i in range(repos.totalCount): self._process_repos_page(findings, repos.get_page(i), start_time, end_time) return findings - def _process_repos_page(self, - findings: List[FINDING], - repos: List[Repository], - start_time: Optional[datetime] = None, - end_time: Optional[datetime] = None): + def _process_repos_page( + self, + findings: List[FINDING], + repos: List[Repository], + start_time: Optional[datetime] = None, + end_time: Optional[datetime] = None, + ): repo: Repository for repo in repos: if repo.id not in self._ignore_repos: self.LOGGER.info( - f'{len(findings) + 1} - Name: {repo.name} - LastUpdate: {repo.updated_at} - LastPush: {repo.pushed_at}') + f"{len(findings) + 1} - Name: {repo.name} - LastUpdate: {repo.updated_at} - LastPush: {repo.pushed_at}" + ) - if (start_time or end_time) \ - and not self._check_repo_is_in_time_frame(repo.pushed_at, start_time, end_time): + if (start_time or end_time) and not self._check_repo_is_in_time_frame( + repo.pushed_at, start_time, end_time + ): break findings.append(self._create_finding_from_repo(repo)) self._respect_github_ratelimit() - def _check_repo_is_in_time_frame(self, - pushed_at: datetime, - start_time: Optional[datetime] = None, - end_time: Optional[datetime] = None): + def _check_repo_is_in_time_frame( + self, + pushed_at: datetime, + start_time: Optional[datetime] = None, + end_time: Optional[datetime] = None, + ): # Explicitly set timezone of pushed_at, as it is not set by the library (but is in UTC) pushed_at = pushed_at.replace(tzinfo=timezone.utc) if start_time: if pushed_at > start_time: return True else: - self.LOGGER.info(f'Reached activity limit! Ignoring all repos with activity since `{start_time}`.') + self.LOGGER.info( + f"Reached activity limit! Ignoring all repos with activity since `{start_time}`." + ) return False elif end_time: if pushed_at < end_time: return True else: - self.LOGGER.info(f'Reached activity limit! Ignoring all repos with activity until `{end_time}`.') + self.LOGGER.info( + f"Reached activity limit! Ignoring all repos with activity until `{end_time}`." + ) return False def _respect_github_ratelimit(self): @@ -102,9 +128,17 @@ def _respect_github_ratelimit(self): seconds_until_reset = reset_timestamp - timegm(time.gmtime()) + 5 sleep_time = seconds_until_reset / api_limit.remaining - self.LOGGER.info('Checking Rate-Limit (' + str(self._obey_rate_limit) + ') [remainingApiCalls: ' + str( - api_limit.remaining) + ', seconds_until_reset: ' + str(seconds_until_reset) + ', sleepTime: ' + str( - sleep_time) + ']') + self.LOGGER.info( + "Checking Rate-Limit (" + + str(self._obey_rate_limit) + + ") [remainingApiCalls: " + + str(api_limit.remaining) + + ", seconds_until_reset: " + + str(seconds_until_reset) + + ", sleepTime: " + + str(sleep_time) + + "]" + ) time.sleep(sleep_time) def _setup(self): @@ -121,9 +155,13 @@ def _setup_without_url(self): def _setup_with_url(self): if self._access_token: - self._gh = github.Github(base_url=self._url, login_or_token=self._access_token) + self._gh = github.Github( + base_url=self._url, login_or_token=self._access_token + ) else: - raise argparse.ArgumentError(None, 'Access token required for github enterprise authentication.') + raise argparse.ArgumentError( + None, "Access token required for github enterprise authentication." + ) def _create_finding_from_repo(self, repo: Repository) -> FINDING: latest_commit: str = None @@ -131,7 +169,9 @@ def _create_finding_from_repo(self, repo: Repository) -> FINDING: try: latest_commit = repo.get_commits()[0].sha except Exception: - self.LOGGER.warn("Could not identify the latest commit ID - repository without commits?") + self.LOGGER.warn( + "Could not identify the latest commit ID - repository without commits?" + ) latest_commit = "" return super()._create_finding( str(repo.id), @@ -142,8 +182,8 @@ def _create_finding_from_repo(self, repo: Repository) -> FINDING: repo.owner.name, repo.created_at.strftime("%Y-%m-%dT%H:%M:%SZ"), repo.updated_at.strftime("%Y-%m-%dT%H:%M:%SZ"), - 'private' if repo.private else 'public', + "private" if repo.private else "public", repo.archived, repo.get_topics(), - latest_commit + latest_commit, ) diff --git a/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py b/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py index 707f8c690b..8792b6a415 100644 --- a/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py +++ b/scanners/git-repo-scanner/scanner/git_repo_scanner/gitlab_scanner.py @@ -8,28 +8,32 @@ from typing import List, Optional import gitlab +from git_repo_scanner.abstract_scanner import FINDING, AbstractScanner from gitlab.v4.objects import Project, ProjectManager -from git_repo_scanner.abstract_scanner import AbstractScanner, FINDING - -logger = logging.getLogger('git_repo_scanner') +logger = logging.getLogger("git_repo_scanner") class GitLabScanner(AbstractScanner): - LOGGER = logging.getLogger('git_repo_scanner') - - def __init__(self, url: str, - access_token: str, - group: Optional[int], - ignored_groups: List[int], - ignore_repos: List[int], - obey_rate_limit: bool = True, - annotate_latest_commit_id: bool = False) -> None: + LOGGER = logging.getLogger("git_repo_scanner") + + def __init__( + self, + url: str, + access_token: str, + group: Optional[int], + ignored_groups: List[int], + ignore_repos: List[int], + obey_rate_limit: bool = True, + annotate_latest_commit_id: bool = False, + ) -> None: super().__init__() if not url: - raise argparse.ArgumentError(None, 'URL required for GitLab connection.') + raise argparse.ArgumentError(None, "URL required for GitLab connection.") if not access_token: - raise argparse.ArgumentError(None, 'Access token required for GitLab authentication.') + raise argparse.ArgumentError( + None, "Access token required for GitLab authentication." + ) self._url = url self._access_token = access_token @@ -42,38 +46,44 @@ def __init__(self, url: str, @property def git_type(self) -> str: - return 'GitLab' + return "GitLab" - def process(self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None) -> List[FINDING]: + def process( + self, start_time: Optional[datetime] = None, end_time: Optional[datetime] = None + ) -> List[FINDING]: self._authenticate() projects: List[Project] = self._get_projects(start_time, end_time) return self._process_projects(projects) - + def _group_project_to_project(self, group_project): # The GitLab API library gives us a GroupProject object, which has limited functionality. # This function turns the GroupProject into a "real" project, which allows us to get the # list of commits and include the SHA1 of the latest commit in the output later return self._gl.projects.get(group_project.id, lazy=True) - def _get_projects(self, start_time: Optional[datetime], end_time: Optional[datetime]): - logger.info(f'Get GitLab repositories with last activity between {start_time} and {end_time}.') + def _get_projects( + self, start_time: Optional[datetime], end_time: Optional[datetime] + ): + logger.info( + f"Get GitLab repositories with last activity between {start_time} and {end_time}." + ) project_manager: ProjectManager = self._gl.projects options = dict( all=True, - order_by='last_activity_at', - sort='desc', + order_by="last_activity_at", + sort="desc", obey_rate_limit=self._obey_rate_limit, - max_retries=12 + max_retries=12, ) if start_time is not None: - options['last_activity_after'] = start_time + options["last_activity_after"] = start_time if end_time is not None: - options['last_activity_before'] = end_time + options["last_activity_before"] = end_time if self._group: - options['include_subgroups'] = True + options["include_subgroups"] = True project_manager = self._gl.groups.get(self._group).projects return project_manager.list(**options) @@ -87,7 +97,7 @@ def _process_projects(self, projects: List[Project]) -> List[FINDING]: ] def _authenticate(self): - logger.info('Start GitLab authentication') + logger.info("Start GitLab authentication") try: self._gl = gitlab.Gitlab(self._url, private_token=self._access_token) self._gl.auth() @@ -95,42 +105,49 @@ def _authenticate(self): self._gl = gitlab.Gitlab(self._url, oauth_token=self._access_token) self._gl.auth() - logger.info('GitLab authentication succeeded') + logger.info("GitLab authentication succeeded") def _is_not_ignored(self, project: Project) -> bool: id_project = project.id - kind = project.namespace['kind'] - id_namespace = project.namespace['id'] + kind = project.namespace["kind"] + id_namespace = project.namespace["id"] if id_project in self._ignore_repos: return False - if kind == 'group' and id_namespace in self._ignored_groups: + if kind == "group" and id_namespace in self._ignored_groups: return False return True - def _create_finding_from_project(self, project: Project, index: int, total: int) -> FINDING: + def _create_finding_from_project( + self, project: Project, index: int, total: int + ) -> FINDING: logger.info( - f'({index + 1}/{total}) Add finding for repo {project.name} with last activity at ' - f'{datetime.fromisoformat(project.last_activity_at)}') + f"({index + 1}/{total}) Add finding for repo {project.name} with last activity at " + f"{datetime.fromisoformat(project.last_activity_at)}" + ) # Retrieve the latest commit ID latest_commit_id: str = None if self._annotate_latest_commit_id: try: - latest_commit_id = self._group_project_to_project(project).commits.list()[0].id + latest_commit_id = ( + self._group_project_to_project(project).commits.list()[0].id + ) except Exception as e: - logger.warn("Could not identify the latest commit ID - repository without commits?") + logger.warn( + "Could not identify the latest commit ID - repository without commits?" + ) latest_commit_id = "" return super()._create_finding( project.id, project.web_url, project.path_with_namespace, - project.namespace['kind'], - project.namespace['id'], - project.namespace['name'], + project.namespace["kind"], + project.namespace["id"], + project.namespace["name"], project.created_at, project.last_activity_at, project.visibility, project.archived, project.topics, - latest_commit_id + latest_commit_id, ) diff --git a/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py b/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py index 8e0deb43c8..0254f15d6e 100644 --- a/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py +++ b/scanners/git-repo-scanner/scanner/tests/git_repo_scanner_test.py @@ -6,22 +6,19 @@ import datetime import unittest from datetime import timezone -from unittest.mock import MagicMock, Mock -from unittest.mock import patch +from unittest.mock import MagicMock, Mock, patch import gitlab -from gitlab.v4.objects import Project, ProjectManager - from git_repo_scanner.__main__ import get_parser_args from git_repo_scanner.github_scanner import GitHubScanner from git_repo_scanner.gitlab_scanner import GitLabScanner +from gitlab.v4.objects import Project, ProjectManager class GitRepoScannerTests(unittest.TestCase): - @property def wrong_output_msg(self) -> str: - return 'Test finding output' + return "Test finding output" def prepare_gitlab_commitlist_mock(self, mock_gptp, mock_commitmanager): mock_gptp.side_effect = self._mock_group_project_to_project @@ -30,114 +27,162 @@ def prepare_gitlab_commitlist_mock(self, mock_gptp, mock_commitmanager): def _mock_group_project_to_project(self, project): return project - @patch('gitlab.v4.objects.ProjectCommitManager.list') - @patch('git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project') - def test_process_gitlab_projects_with_no_ignore_list(self, mock_gptp, mock_commitmanager): + @patch("gitlab.v4.objects.ProjectCommitManager.list") + @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") + def test_process_gitlab_projects_with_no_ignore_list( + self, mock_gptp, mock_commitmanager + ): # given - scanner = GitLabScanner('url', 'token', None, [], [], annotate_latest_commit_id=True) + scanner = GitLabScanner( + "url", "token", None, [], [], annotate_latest_commit_id=True + ) projects = assemble_projects() self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) # when findings = scanner._process_projects(projects) # then - self.assertEqual(3, len(findings), msg='There should be exactly 3 findings') - self.assertEqual(findings[0]['name'], 'GitLab Repo', msg=self.wrong_output_msg) - self.assertEqual(findings[0]['attributes']['web_url'], 'url1', msg=self.wrong_output_msg) - self.assertEqual(findings[1]['attributes']['web_url'], 'url2', msg=self.wrong_output_msg) - self.assertEqual(findings[2]['attributes']['web_url'], 'url3', msg=self.wrong_output_msg) - self.assertEqual(findings[0]['attributes']["last_commit_id"], "deadbeef") - self.assertEqual(findings[1]['attributes']["archived"], False) - self.assertEqual(findings[2]['attributes']["archived"], True) - self.assertEqual(findings[0]['attributes']["topics"], []) - self.assertEqual(findings[2]['attributes']["topics"], ["outdated"]) + self.assertEqual(3, len(findings), msg="There should be exactly 3 findings") + self.assertEqual(findings[0]["name"], "GitLab Repo", msg=self.wrong_output_msg) + self.assertEqual( + findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[2]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg + ) + self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") + self.assertEqual(findings[1]["attributes"]["archived"], False) + self.assertEqual(findings[2]["attributes"]["archived"], True) + self.assertEqual(findings[0]["attributes"]["topics"], []) + self.assertEqual(findings[2]["attributes"]["topics"], ["outdated"]) mock_gptp.assert_called() mock_commitmanager.assert_called() - @patch('gitlab.v4.objects.ProjectCommitManager.list') - @patch('git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project') - def test_process_gitlab_projects_without_annotating_commit_id(self, mock_gptp, mock_commitmanager): + @patch("gitlab.v4.objects.ProjectCommitManager.list") + @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") + def test_process_gitlab_projects_without_annotating_commit_id( + self, mock_gptp, mock_commitmanager + ): # given - scanner = GitLabScanner('url', 'token', None, [], [], annotate_latest_commit_id=False) + scanner = GitLabScanner( + "url", "token", None, [], [], annotate_latest_commit_id=False + ) projects = assemble_projects() self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) # when findings = scanner._process_projects(projects) # then - self.assertEqual(3, len(findings), msg='There should be exactly 3 findings') - self.assertEqual(findings[0]['name'], 'GitLab Repo', msg=self.wrong_output_msg) - self.assertEqual(findings[0]['attributes']['web_url'], 'url1', msg=self.wrong_output_msg) - self.assertEqual(findings[1]['attributes']['web_url'], 'url2', msg=self.wrong_output_msg) - self.assertEqual(findings[2]['attributes']['web_url'], 'url3', msg=self.wrong_output_msg) - self.assertFalse("last_commit_id" in findings[0]['attributes']) + self.assertEqual(3, len(findings), msg="There should be exactly 3 findings") + self.assertEqual(findings[0]["name"], "GitLab Repo", msg=self.wrong_output_msg) + self.assertEqual( + findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[2]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg + ) + self.assertFalse("last_commit_id" in findings[0]["attributes"]) mock_gptp.assert_not_called() mock_commitmanager.assert_not_called() - @patch('gitlab.v4.objects.ProjectCommitManager.list') - @patch('git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project') - def test_process_gitlab_projects_with_ignore_group(self, mock_gptp, mock_commitmanager): + @patch("gitlab.v4.objects.ProjectCommitManager.list") + @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") + def test_process_gitlab_projects_with_ignore_group( + self, mock_gptp, mock_commitmanager + ): # given - scanner = GitLabScanner('url', 'token', None, [33], [], annotate_latest_commit_id=True) + scanner = GitLabScanner( + "url", "token", None, [33], [], annotate_latest_commit_id=True + ) projects = assemble_projects() self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) # when findings = scanner._process_projects(projects) # then - self.assertEqual(2, len(findings), msg='There should be exactly 2 findings') - self.assertEqual(findings[0]['attributes']['web_url'], 'url1', msg=self.wrong_output_msg) - self.assertEqual(findings[1]['attributes']['web_url'], 'url2', msg=self.wrong_output_msg) - self.assertEqual(findings[0]['attributes']["last_commit_id"], "deadbeef") + self.assertEqual(2, len(findings), msg="There should be exactly 2 findings") + self.assertEqual( + findings[0]["attributes"]["web_url"], "url1", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[1]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg + ) + self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") mock_gptp.assert_called() mock_commitmanager.assert_called() - @patch('gitlab.v4.objects.ProjectCommitManager.list') - @patch('git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project') - def test_process_gitlab_projects_with_ignore_project(self, mock_gptp, mock_commitmanager): + @patch("gitlab.v4.objects.ProjectCommitManager.list") + @patch("git_repo_scanner.gitlab_scanner.GitLabScanner._group_project_to_project") + def test_process_gitlab_projects_with_ignore_project( + self, mock_gptp, mock_commitmanager + ): # given - scanner = GitLabScanner('url', 'token', None, [], [1], annotate_latest_commit_id=True) + scanner = GitLabScanner( + "url", "token", None, [], [1], annotate_latest_commit_id=True + ) projects = assemble_projects() self.prepare_gitlab_commitlist_mock(mock_gptp, mock_commitmanager) # when findings = scanner._process_projects(projects) # then - self.assertEqual(2, len(findings), msg='There should be exactly 2 findings') - self.assertEqual(findings[0]['attributes']['web_url'], 'url2', msg=self.wrong_output_msg) - self.assertEqual(findings[1]['attributes']['web_url'], 'url3', msg=self.wrong_output_msg) - self.assertEqual(findings[0]['attributes']["last_commit_id"], "deadbeef") + self.assertEqual(2, len(findings), msg="There should be exactly 2 findings") + self.assertEqual( + findings[0]["attributes"]["web_url"], "url2", msg=self.wrong_output_msg + ) + self.assertEqual( + findings[1]["attributes"]["web_url"], "url3", msg=self.wrong_output_msg + ) + self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") mock_gptp.assert_called() mock_commitmanager.assert_called() - @patch('github.Github') - @patch('github.Organization') - @patch('github.PaginatedList') - def test_process_github_repos_with_no_ignore_list(self, github_mock, org_mock, pag_mock): + @patch("github.Github") + @patch("github.Organization") + @patch("github.PaginatedList") + def test_process_github_repos_with_no_ignore_list( + self, github_mock, org_mock, pag_mock + ): # given - scanner = GitHubScanner('url', 'token', 'org', [], False, annotate_latest_commit_id=True) + scanner = GitHubScanner( + "url", "token", "org", [], False, annotate_latest_commit_id=True + ) repos = assemble_repos() create_mocks(github_mock, org_mock, pag_mock, repos) scanner._gh = github_mock # when findings = scanner._process_repos(None, None) # then - org_mock.get_repos.assert_called_with(type='all', sort='pushed', direction='asc') - self.assertEqual(6, len(findings), msg='There should be exactly 6 findings') + org_mock.get_repos.assert_called_with( + type="all", sort="pushed", direction="asc" + ) + self.assertEqual(6, len(findings), msg="There should be exactly 6 findings") for finding in findings: - self.assertEqual(finding['name'], 'GitHub Repo', msg=self.wrong_output_msg) - self.assertEqual(finding['attributes']["last_commit_id"], "deadbeef") - - @patch('github.Github') - @patch('github.Organization') - @patch('github.PaginatedList') - def test_process_github_repos_without_annotating_commit_ids(self, github_mock, org_mock, pag_mock): + self.assertEqual(finding["name"], "GitHub Repo", msg=self.wrong_output_msg) + self.assertEqual(finding["attributes"]["last_commit_id"], "deadbeef") + + @patch("github.Github") + @patch("github.Organization") + @patch("github.PaginatedList") + def test_process_github_repos_without_annotating_commit_ids( + self, github_mock, org_mock, pag_mock + ): # given - scanner = GitHubScanner('url', 'token', 'org', [], False, annotate_latest_commit_id=False) + scanner = GitHubScanner( + "url", "token", "org", [], False, annotate_latest_commit_id=False + ) repos = assemble_repos() create_mocks(github_mock, org_mock, pag_mock, repos) scanner._gh = github_mock # when findings = scanner._process_repos(None, None) # then - org_mock.get_repos.assert_called_with(type='all', sort='pushed', direction='asc') - self.assertEqual(6, len(findings), msg='There should be exactly 6 findings') + org_mock.get_repos.assert_called_with( + type="all", sort="pushed", direction="asc" + ) + self.assertEqual(6, len(findings), msg="There should be exactly 6 findings") self.assertFalse(findings[0]["attributes"]["archived"]) self.assertFalse(findings[1]["attributes"]["archived"]) self.assertTrue(findings[2]["attributes"]["archived"]) @@ -147,48 +192,62 @@ def test_process_github_repos_without_annotating_commit_ids(self, github_mock, o self.assertEqual(findings[0]["attributes"]["topics"], []) self.assertEqual(findings[2]["attributes"]["topics"], ["outdated"]) for finding in findings: - self.assertEqual(finding['name'], 'GitHub Repo', msg=self.wrong_output_msg) - self.assertFalse("last_commit_id" in finding['attributes']) + self.assertEqual(finding["name"], "GitHub Repo", msg=self.wrong_output_msg) + self.assertFalse("last_commit_id" in finding["attributes"]) - @patch('github.Github') - @patch('github.Organization') - @patch('github.PaginatedList') - def test_process_github_repos_with_ignore_repos(self, github_mock, org_mock, pag_mock): + @patch("github.Github") + @patch("github.Organization") + @patch("github.PaginatedList") + def test_process_github_repos_with_ignore_repos( + self, github_mock, org_mock, pag_mock + ): # given - scanner = GitHubScanner('url', 'token', 'org', [1], False, annotate_latest_commit_id=True) + scanner = GitHubScanner( + "url", "token", "org", [1], False, annotate_latest_commit_id=True + ) repos = assemble_repos() create_mocks(github_mock, org_mock, pag_mock, repos) scanner._gh = github_mock # when findings = scanner._process_repos(None, None) # then - github_mock.get_organization.assert_called_with('org') - self.assertEqual(4, len(findings), msg='There should be exactly 4 findings') - self.assertEqual(findings[0]['attributes']["last_commit_id"], "deadbeef") + github_mock.get_organization.assert_called_with("org") + self.assertEqual(4, len(findings), msg="There should be exactly 4 findings") + self.assertEqual(findings[0]["attributes"]["last_commit_id"], "deadbeef") def test_setup_github_with_url_and_no_token_should_exit(self): # when with self.assertRaises(argparse.ArgumentError) as cm: - GitHubScanner('url', None, 'org', []) + GitHubScanner("url", None, "org", []) # then - self.assertEqual(cm.exception.args[1], 'Access token required for GitHub connection.', - msg='Process should exit') + self.assertEqual( + cm.exception.args[1], + "Access token required for GitHub connection.", + msg="Process should exit", + ) def get_args(ignore_groups=0, ignore_projects=0, url=None, access_token=None, org=None): - args = ['--git-type', 'someType', - '--file-output', 'out', - '--obey-rate-limit', False, - '--ignore-repos', str(ignore_projects), - '--ignore-groups', str(ignore_groups)] + args = [ + "--git-type", + "someType", + "--file-output", + "out", + "--obey-rate-limit", + False, + "--ignore-repos", + str(ignore_projects), + "--ignore-groups", + str(ignore_groups), + ] if url: - args.append('--url') + args.append("--url") args.append(url) if access_token: - args.append('--access-token') + args.append("--access-token") args.append(access_token) if org: - args.append('--organization') + args.append("--organization") args.append(org) return get_parser_args(args) @@ -204,19 +263,61 @@ def create_mocks(github_mock, org_mock, pag_mock, repos): def assemble_projects(): created = datetime.datetime(2020, 10, 10, tzinfo=timezone.utc).isoformat() updated = datetime.datetime(2020, 11, 10, tzinfo=timezone.utc).isoformat() - project1 = assemble_project(p_id=1, name='name1', url='url1', path='path1', date_created=created, - date_updated=updated, visibility='private', o_id=11, o_kind='group', - o_name='name11') - project2 = assemble_project(p_id=2, name='name2', url='url2', path='path2', date_created=created, - date_updated=updated, visibility='private', o_id=22, o_kind='user', - o_name='name22') - project3 = assemble_project(p_id=3, name='name3', url='url3', path='path3', date_created=created, - date_updated=updated, visibility='private', o_id=33, o_kind='group', - o_name='name33', archived=True, topics=["outdated"]) + project1 = assemble_project( + p_id=1, + name="name1", + url="url1", + path="path1", + date_created=created, + date_updated=updated, + visibility="private", + o_id=11, + o_kind="group", + o_name="name11", + ) + project2 = assemble_project( + p_id=2, + name="name2", + url="url2", + path="path2", + date_created=created, + date_updated=updated, + visibility="private", + o_id=22, + o_kind="user", + o_name="name22", + ) + project3 = assemble_project( + p_id=3, + name="name3", + url="url3", + path="path3", + date_created=created, + date_updated=updated, + visibility="private", + o_id=33, + o_kind="group", + o_name="name33", + archived=True, + topics=["outdated"], + ) return [project1, project2, project3] -def assemble_project(p_id, name, url, path, date_created, date_updated, visibility, o_id, o_kind, o_name, archived=False, topics=[]): +def assemble_project( + p_id, + name, + url, + path, + date_created, + date_updated, + visibility, + o_id, + o_kind, + o_name, + archived=False, + topics=[], +): project = Project(ProjectManager(gitlab), {}) project.id = p_id project.name = name @@ -225,11 +326,7 @@ def assemble_project(p_id, name, url, path, date_created, date_updated, visibili project.created_at = date_created project.last_activity_at = date_updated project.visibility = visibility - project.namespace = { - 'kind': o_kind, - 'id': o_id, - 'name': o_name - } + project.namespace = {"kind": o_kind, "id": o_id, "name": o_name} project.archived = archived project.topics = topics return project @@ -237,21 +334,65 @@ def assemble_project(p_id, name, url, path, date_created, date_updated, visibili def assemble_repos(): date = datetime.datetime(2020, 5, 17, tzinfo=timezone.utc) - project1 = assemble_repository(p_id=1, name='name1', url='url1', path='path1', date_created=date, - date_updated=date, date_pushed=date, visibility=True, o_id=11, o_kind='organization', - o_name='name11') - project2 = assemble_repository(p_id=2, name='name2', url='url2', path='path2', date_created=date, - date_updated=date, date_pushed=date, visibility=False, o_id=22, - o_kind='organization', - o_name='name22') - project3 = assemble_repository(p_id=3, name='name3', url='url3', path='path3', date_created=date, - date_updated=date, date_pushed=date, visibility=False, o_id=33, - o_kind='organization', o_name='name33', archived=True, topics=["outdated"]) + project1 = assemble_repository( + p_id=1, + name="name1", + url="url1", + path="path1", + date_created=date, + date_updated=date, + date_pushed=date, + visibility=True, + o_id=11, + o_kind="organization", + o_name="name11", + ) + project2 = assemble_repository( + p_id=2, + name="name2", + url="url2", + path="path2", + date_created=date, + date_updated=date, + date_pushed=date, + visibility=False, + o_id=22, + o_kind="organization", + o_name="name22", + ) + project3 = assemble_repository( + p_id=3, + name="name3", + url="url3", + path="path3", + date_created=date, + date_updated=date, + date_pushed=date, + visibility=False, + o_id=33, + o_kind="organization", + o_name="name33", + archived=True, + topics=["outdated"], + ) return [project1, project2, project3] -def assemble_repository(p_id, name, url, path, date_created: datetime, date_updated: datetime, date_pushed: datetime, - visibility: bool, o_id, o_kind, o_name, archived = False, topics=[]): +def assemble_repository( + p_id, + name, + url, + path, + date_created: datetime, + date_updated: datetime, + date_pushed: datetime, + visibility: bool, + o_id, + o_kind, + o_name, + archived=False, + topics=[], +): repo = Mock() owner = Mock() @@ -273,5 +414,5 @@ def assemble_repository(p_id, name, url, path, date_created: datetime, date_upda return repo -if __name__ == '__main__': +if __name__ == "__main__": unittest.main() diff --git a/scanners/gitleaks/examples/private-repository/scan.yaml b/scanners/gitleaks/examples/private-repository/scan.yaml index a9297dd40f..f3970cc713 100644 --- a/scanners/gitleaks/examples/private-repository/scan.yaml +++ b/scanners/gitleaks/examples/private-repository/scan.yaml @@ -21,7 +21,7 @@ spec: initContainers: - name: "git-clone" image: bitnami/git - # Specify that the "repo" volume should also be mounted on the + # Specify that the "repo" volume should also be mounted on the # initContainer volumeMounts: - name: repo @@ -48,4 +48,4 @@ spec: - "detect" # Point it at the location of the repository - "--source" - - "/repo/" \ No newline at end of file + - "/repo/" diff --git a/scanners/gitleaks/examples/secureCodeBox/findings.json b/scanners/gitleaks/examples/secureCodeBox/findings.json index a4fbdcbc57..842cf6b84c 100644 --- a/scanners/gitleaks/examples/secureCodeBox/findings.json +++ b/scanners/gitleaks/examples/secureCodeBox/findings.json @@ -44,4 +44,4 @@ { "note": "Results truncated for space reasons" } -] \ No newline at end of file +] diff --git a/scanners/gitleaks/examples/secureCodeBox/scan.yaml b/scanners/gitleaks/examples/secureCodeBox/scan.yaml index 9b5ea5be9c..f95ab68171 100644 --- a/scanners/gitleaks/examples/secureCodeBox/scan.yaml +++ b/scanners/gitleaks/examples/secureCodeBox/scan.yaml @@ -21,7 +21,7 @@ spec: initContainers: - name: "git-clone" image: bitnami/git - # Specify that the "repo" volume should also be mounted on the + # Specify that the "repo" volume should also be mounted on the # initContainer volumeMounts: - name: repo @@ -40,4 +40,4 @@ spec: - "detect" # Point it at the location of the repository - "--source" - - "/repo/" \ No newline at end of file + - "/repo/" diff --git a/scanners/gitleaks/parser/__testFiles__/test-report.json b/scanners/gitleaks/parser/__testFiles__/test-report.json index dfcfdc6f4f..418574fb08 100644 --- a/scanners/gitleaks/parser/__testFiles__/test-report.json +++ b/scanners/gitleaks/parser/__testFiles__/test-report.json @@ -71,4 +71,4 @@ "Tags": [], "RuleID": "generic-api-key" } -] \ No newline at end of file +] diff --git a/scanners/kube-hunter/examples/in-cluster/findings.yaml b/scanners/kube-hunter/examples/in-cluster/findings.yaml index 503d6dcd12..24dfdd81fb 100644 --- a/scanners/kube-hunter/examples/in-cluster/findings.yaml +++ b/scanners/kube-hunter/examples/in-cluster/findings.yaml @@ -3,84 +3,81 @@ # SPDX-License-Identifier: Apache-2.0 { - "nodes": [ - { - "type": "Node/Master", - "location": "10.0.0.1" - }, - { - "type": "Node/Master", - "location": "10.96.0.1" - } + "nodes": + [ + { "type": "Node/Master", "location": "10.0.0.1" }, + { "type": "Node/Master", "location": "10.96.0.1" }, ], - "services": [ - { - "service": "Kubelet API", - "location": "10.0.0.1:10250", - "description": "The Kubelet is the main component in every Node, all pod operations goes through the kubelet" - }, - { - "service": "Metrics Server", - "location": "10.0.0.1:6443", - "description": "The Metrics server is in charge of providing resource usage metrics for pods and nodes to the API server." - }, - { - "service": "API Server", - "location": "10.96.0.1:443", - "description": "The API server is in charge of all operations on the cluster." - } + "services": + [ + { + "service": "Kubelet API", + "location": "10.0.0.1:10250", + "description": "The Kubelet is the main component in every Node, all pod operations goes through the kubelet", + }, + { + "service": "Metrics Server", + "location": "10.0.0.1:6443", + "description": "The Metrics server is in charge of providing resource usage metrics for pods and nodes to the API server.", + }, + { + "service": "API Server", + "location": "10.96.0.1:443", + "description": "The API server is in charge of all operations on the cluster.", + }, ], - "vulnerabilities": [ - { - "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", - "vid": "KHV050", - "category": "Access Risk", - "severity": "low", - "vulnerability": "Read access to pod's service account token", - "description": " Accessing the pod service account token gives an attacker the option to use the server API ", - "evidence": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkNabmY2NVgxUmR1ZnQzbHJVQVAzZFFUNjBiR0hUVE9SRDNPcURyenlkODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6Imx1cmNoZXItdG9rZW4tcGpmNGIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibHVyY2hlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjUzOGVhYjdmLTY1YjAtNDE4Yy04MGI2LTI1NGQxNDQ4ODU3NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0Omx1cmNoZXIifQ.cGtQHagQ2xxlAFnWwFRNgGJIkaeZIKnqoYYb8GmxN94ry0wwxCbgBm4Kg33A903wDBxd8iuITTk-r8UPZyYJHoxlVu0pHt-3SAc4NT0ob50R2acVXQ2qj_yJOOQHurCWeOJMkGqtCyUoZ8Xcnc6z32Ao-NWzKD-0wV7ndpKm-ytHP0YpHb9bLUPcQGvFoh_UF132yjeJqzwLPRX6hStMYOa8LNhJGyhdejW3BIOylzVPNkKE5lEjWv9f853qnTKG-TzXHBbth7qV8UHwSoY8YFoMezK3zazQt4dN1VG_wYmZ0ujikTC7TRTGr500kFxfpACKwdQ1M1fXgKJhNv9UgA", - "hunter": "Access Secrets" - }, - { - "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", - "vid": "None", - "category": "Access Risk", - "severity": "low", - "vulnerability": "CAP_NET_RAW Enabled", - "description": "CAP_NET_RAW is enabled by default for pods. If an attacker manages to compromise a pod, they could potentially take advantage of this capability to perform network attacks on other pods running on the same node", - "evidence": "", - "hunter": "Pod Capabilities Hunter" - }, - { - "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", - "vid": "None", - "category": "Access Risk", - "severity": "low", - "vulnerability": "Access to pod's secrets", - "description": " Accessing the pod's secrets within a compromised pod might disclose valuable data to a potential attacker", - "evidence": "['/var/run/secrets/kubernetes.io/serviceaccount/namespace', '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/namespace']", - "hunter": "Access Secrets" - }, - { - "location": "10.96.0.1:443", - "vid": "KHV002", - "category": "Information Disclosure", - "severity": "medium", - "vulnerability": "K8s Version Disclosure", - "description": "The kubernetes version could be obtained from the /version endpoint ", - "evidence": "v1.18.0", - "hunter": "Api Version Hunter" - }, - { - "location": "10.96.0.1:443", - "vid": "KHV005", - "category": "Information Disclosure", - "severity": "medium", - "vulnerability": "Access to API using service account token", - "description": " The API Server port is accessible. Depending on your RBAC settings this could expose access to or control of your cluster. ", - "evidence": "b'{\"kind\":\"APIVersions\",\"versions\":[\"v1\"],\"serverAddressByClientCIDRs\":[{\"clientCIDR\":\"0.0.0.0/0\",\"serverAddress\":\"172.17.0.2:6443\"}]}\\n'", - "hunter": "API Server Hunter" - } + "vulnerabilities": + [ + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "KHV050", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Read access to pod's service account token", + "description": " Accessing the pod service account token gives an attacker the option to use the server API ", + "evidence": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkNabmY2NVgxUmR1ZnQzbHJVQVAzZFFUNjBiR0hUVE9SRDNPcURyenlkODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6Imx1cmNoZXItdG9rZW4tcGpmNGIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibHVyY2hlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjUzOGVhYjdmLTY1YjAtNDE4Yy04MGI2LTI1NGQxNDQ4ODU3NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0Omx1cmNoZXIifQ.cGtQHagQ2xxlAFnWwFRNgGJIkaeZIKnqoYYb8GmxN94ry0wwxCbgBm4Kg33A903wDBxd8iuITTk-r8UPZyYJHoxlVu0pHt-3SAc4NT0ob50R2acVXQ2qj_yJOOQHurCWeOJMkGqtCyUoZ8Xcnc6z32Ao-NWzKD-0wV7ndpKm-ytHP0YpHb9bLUPcQGvFoh_UF132yjeJqzwLPRX6hStMYOa8LNhJGyhdejW3BIOylzVPNkKE5lEjWv9f853qnTKG-TzXHBbth7qV8UHwSoY8YFoMezK3zazQt4dN1VG_wYmZ0ujikTC7TRTGr500kFxfpACKwdQ1M1fXgKJhNv9UgA", + "hunter": "Access Secrets", + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "CAP_NET_RAW Enabled", + "description": "CAP_NET_RAW is enabled by default for pods. If an attacker manages to compromise a pod, they could potentially take advantage of this capability to perform network attacks on other pods running on the same node", + "evidence": "", + "hunter": "Pod Capabilities Hunter", + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Access to pod's secrets", + "description": " Accessing the pod's secrets within a compromised pod might disclose valuable data to a potential attacker", + "evidence": "['/var/run/secrets/kubernetes.io/serviceaccount/namespace', '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/namespace']", + "hunter": "Access Secrets", + }, + { + "location": "10.96.0.1:443", + "vid": "KHV002", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "K8s Version Disclosure", + "description": "The kubernetes version could be obtained from the /version endpoint ", + "evidence": "v1.18.0", + "hunter": "Api Version Hunter", + }, + { + "location": "10.96.0.1:443", + "vid": "KHV005", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "Access to API using service account token", + "description": " The API Server port is accessible. Depending on your RBAC settings this could expose access to or control of your cluster. ", + "evidence": "b'{\"kind\":\"APIVersions\",\"versions\":[\"v1\"],\"serverAddressByClientCIDRs\":[{\"clientCIDR\":\"0.0.0.0/0\",\"serverAddress\":\"172.17.0.2:6443\"}]}\\n'", + "hunter": "API Server Hunter", + }, ], - "kburl": "https://aquasecurity.github.io/kube-hunter/kb/{vid}" + "kburl": "https://aquasecurity.github.io/kube-hunter/kb/{vid}", } diff --git a/scanners/kube-hunter/integration-tests/kube-hunter.test.js b/scanners/kube-hunter/integration-tests/kube-hunter.test.js index dfb76ad8f4..99b252fbf3 100644 --- a/scanners/kube-hunter/integration-tests/kube-hunter.test.js +++ b/scanners/kube-hunter/integration-tests/kube-hunter.test.js @@ -16,7 +16,7 @@ test( 4 * 60 ); - // If we got here the scan succeded + // If we got here the scan succeeded // as the number of findings will depend on the cluster, we just check if it is defined at all expect(true).toBe(true); }, diff --git a/scanners/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json b/scanners/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json index 9baec3de88..81d5d3186e 100644 --- a/scanners/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json +++ b/scanners/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json @@ -1 +1,76 @@ -{"nodes": [{"type": "Node/Master", "location": "10.244.0.1"}, {"type": "Node/Master", "location": "10.96.0.1"}], "services": [{"service": "Kubelet API", "location": "10.244.0.1:10250", "description": "The Kubelet is the main component in every Node, all pod operations goes through the kubelet"}, {"service": "Metrics Server", "location": "10.244.0.1:6443", "description": "The Metrics server is in charge of providing resource usage metrics for pods and nodes to the API server."}, {"service": "API Server", "location": "10.96.0.1:443", "description": "The API server is in charge of all operations on the cluster."}], "vulnerabilities": [{"location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", "vid": "KHV050", "category": "Access Risk", "severity": "low", "vulnerability": "Read access to pod's service account token", "description": " Accessing the pod service account token gives an attacker the option to use the server API ", "evidence": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkNabmY2NVgxUmR1ZnQzbHJVQVAzZFFUNjBiR0hUVE9SRDNPcURyenlkODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6Imx1cmNoZXItdG9rZW4tcGpmNGIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibHVyY2hlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjUzOGVhYjdmLTY1YjAtNDE4Yy04MGI2LTI1NGQxNDQ4ODU3NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0Omx1cmNoZXIifQ.cGtQHagQ2xxlAFnWwFRNgGJIkaeZIKnqoYYb8GmxN94ry0wwxCbgBm4Kg33A903wDBxd8iuITTk-r8UPZyYJHoxlVu0pHt-3SAc4NT0ob50R2acVXQ2qj_yJOOQHurCWeOJMkGqtCyUoZ8Xcnc6z32Ao-NWzKD-0wV7ndpKm-ytHP0YpHb9bLUPcQGvFoh_UF132yjeJqzwLPRX6hStMYOa8LNhJGyhdejW3BIOylzVPNkKE5lEjWv9f853qnTKG-TzXHBbth7qV8UHwSoY8YFoMezK3zazQt4dN1VG_wYmZ0ujikTC7TRTGr500kFxfpACKwdQ1M1fXgKJhNv9UgA", "hunter": "Access Secrets"}, {"location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", "vid": "None", "category": "Access Risk", "severity": "low", "vulnerability": "CAP_NET_RAW Enabled", "description": "CAP_NET_RAW is enabled by default for pods. If an attacker manages to compromise a pod, they could potentially take advantage of this capability to perform network attacks on other pods running on the same node", "evidence": "", "hunter": "Pod Capabilities Hunter"}, {"location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", "vid": "None", "category": "Access Risk", "severity": "low", "vulnerability": "Access to pod's secrets", "description": " Accessing the pod's secrets within a compromised pod might disclose valuable data to a potential attacker", "evidence": "['/var/run/secrets/kubernetes.io/serviceaccount/namespace', '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/namespace']", "hunter": "Access Secrets"}, {"location": "10.96.0.1:443", "vid": "KHV002", "category": "Information Disclosure", "severity": "medium", "vulnerability": "K8s Version Disclosure", "description": "The kubernetes version could be obtained from the /version endpoint ", "evidence": "v1.18.0", "hunter": "Api Version Hunter"}, {"location": "10.96.0.1:443", "vid": "KHV005", "category": "Information Disclosure", "severity": "medium", "vulnerability": "Access to API using service account token", "description": " The API Server port is accessible. Depending on your RBAC settings this could expose access to or control of your cluster. ", "evidence": "b'{\"kind\":\"APIVersions\",\"versions\":[\"v1\"],\"serverAddressByClientCIDRs\":[{\"clientCIDR\":\"0.0.0.0/0\",\"serverAddress\":\"172.17.0.2:6443\"}]}\\n'", "hunter": "API Server Hunter"}], "kburl": "https://aquasecurity.github.io/kube-hunter/kb/{vid}"} +{ + "nodes": [ + { "type": "Node/Master", "location": "10.244.0.1" }, + { "type": "Node/Master", "location": "10.96.0.1" } + ], + "services": [ + { + "service": "Kubelet API", + "location": "10.244.0.1:10250", + "description": "The Kubelet is the main component in every Node, all pod operations goes through the kubelet" + }, + { + "service": "Metrics Server", + "location": "10.244.0.1:6443", + "description": "The Metrics server is in charge of providing resource usage metrics for pods and nodes to the API server." + }, + { + "service": "API Server", + "location": "10.96.0.1:443", + "description": "The API server is in charge of all operations on the cluster." + } + ], + "vulnerabilities": [ + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "KHV050", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Read access to pod's service account token", + "description": " Accessing the pod service account token gives an attacker the option to use the server API ", + "evidence": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkNabmY2NVgxUmR1ZnQzbHJVQVAzZFFUNjBiR0hUVE9SRDNPcURyenlkODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6Imx1cmNoZXItdG9rZW4tcGpmNGIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibHVyY2hlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjUzOGVhYjdmLTY1YjAtNDE4Yy04MGI2LTI1NGQxNDQ4ODU3NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0Omx1cmNoZXIifQ.cGtQHagQ2xxlAFnWwFRNgGJIkaeZIKnqoYYb8GmxN94ry0wwxCbgBm4Kg33A903wDBxd8iuITTk-r8UPZyYJHoxlVu0pHt-3SAc4NT0ob50R2acVXQ2qj_yJOOQHurCWeOJMkGqtCyUoZ8Xcnc6z32Ao-NWzKD-0wV7ndpKm-ytHP0YpHb9bLUPcQGvFoh_UF132yjeJqzwLPRX6hStMYOa8LNhJGyhdejW3BIOylzVPNkKE5lEjWv9f853qnTKG-TzXHBbth7qV8UHwSoY8YFoMezK3zazQt4dN1VG_wYmZ0ujikTC7TRTGr500kFxfpACKwdQ1M1fXgKJhNv9UgA", + "hunter": "Access Secrets" + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "CAP_NET_RAW Enabled", + "description": "CAP_NET_RAW is enabled by default for pods. If an attacker manages to compromise a pod, they could potentially take advantage of this capability to perform network attacks on other pods running on the same node", + "evidence": "", + "hunter": "Pod Capabilities Hunter" + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Access to pod's secrets", + "description": " Accessing the pod's secrets within a compromised pod might disclose valuable data to a potential attacker", + "evidence": "['/var/run/secrets/kubernetes.io/serviceaccount/namespace', '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/namespace']", + "hunter": "Access Secrets" + }, + { + "location": "10.96.0.1:443", + "vid": "KHV002", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "K8s Version Disclosure", + "description": "The kubernetes version could be obtained from the /version endpoint ", + "evidence": "v1.18.0", + "hunter": "Api Version Hunter" + }, + { + "location": "10.96.0.1:443", + "vid": "KHV005", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "Access to API using service account token", + "description": " The API Server port is accessible. Depending on your RBAC settings this could expose access to or control of your cluster. ", + "evidence": "b'{\"kind\":\"APIVersions\",\"versions\":[\"v1\"],\"serverAddressByClientCIDRs\":[{\"clientCIDR\":\"0.0.0.0/0\",\"serverAddress\":\"172.17.0.2:6443\"}]}\\n'", + "hunter": "API Server Hunter" + } + ], + "kburl": "https://aquasecurity.github.io/kube-hunter/kb/{vid}" +} diff --git a/scanners/kube-hunter/parser/parser.js b/scanners/kube-hunter/parser/parser.js index a7334f3800..7ecd6baa04 100644 --- a/scanners/kube-hunter/parser/parser.js +++ b/scanners/kube-hunter/parser/parser.js @@ -13,7 +13,7 @@ async function parse({ vulnerabilities = [], nodes = [] }) { let location = vulnerability.location; if (location.startsWith('Local to Pod')) { - // This is a pod specific vulnarability. + // This is a pod specific vulnerability. // As this does not fit the secureCodeBox model to well we will scope this to the first "Node/Master" type node of the cluster. // This is subject to change. diff --git a/scanners/ncrack/cascading-rules/crack-ftp.yaml b/scanners/ncrack/cascading-rules/crack-ftp.yaml index 5588943aed..0cf8aac206 100644 --- a/scanners/ncrack/cascading-rules/crack-ftp.yaml +++ b/scanners/ncrack/cascading-rules/crack-ftp.yaml @@ -30,7 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - ftp:{{attributes.port}} - "{{$.hostOrIP}}" - diff --git a/scanners/ncrack/cascading-rules/crack-mssql.yaml b/scanners/ncrack/cascading-rules/crack-mssql.yaml index 7d9fd19994..814620a633 100644 --- a/scanners/ncrack/cascading-rules/crack-mssql.yaml +++ b/scanners/ncrack/cascading-rules/crack-mssql.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - mssql:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-mysql.yaml b/scanners/ncrack/cascading-rules/crack-mysql.yaml index cb77b56ef5..ff317b105b 100644 --- a/scanners/ncrack/cascading-rules/crack-mysql.yaml +++ b/scanners/ncrack/cascading-rules/crack-mysql.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - mysql:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-postgresql.yaml b/scanners/ncrack/cascading-rules/crack-postgresql.yaml index 5a37fb0794..60729199a9 100644 --- a/scanners/ncrack/cascading-rules/crack-postgresql.yaml +++ b/scanners/ncrack/cascading-rules/crack-postgresql.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - psql:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-rdp.yaml b/scanners/ncrack/cascading-rules/crack-rdp.yaml index 6e8969987f..a7a0d81175 100644 --- a/scanners/ncrack/cascading-rules/crack-rdp.yaml +++ b/scanners/ncrack/cascading-rules/crack-rdp.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - ms-wbt-server:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-smb.yaml b/scanners/ncrack/cascading-rules/crack-smb.yaml index 823f498f9c..360c9a33dd 100644 --- a/scanners/ncrack/cascading-rules/crack-smb.yaml +++ b/scanners/ncrack/cascading-rules/crack-smb.yaml @@ -34,6 +34,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - smb:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-ssh.yaml b/scanners/ncrack/cascading-rules/crack-ssh.yaml index babe4e74f9..c02f8faca4 100644 --- a/scanners/ncrack/cascading-rules/crack-ssh.yaml +++ b/scanners/ncrack/cascading-rules/crack-ssh.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - ssh:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-telnet.yaml b/scanners/ncrack/cascading-rules/crack-telnet.yaml index c280812598..2c90131bdc 100644 --- a/scanners/ncrack/cascading-rules/crack-telnet.yaml +++ b/scanners/ncrack/cascading-rules/crack-telnet.yaml @@ -30,6 +30,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - telnet:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/ncrack/cascading-rules/crack-vnc.yaml b/scanners/ncrack/cascading-rules/crack-vnc.yaml index 3dc3e7680d..dc7c69d4fc 100644 --- a/scanners/ncrack/cascading-rules/crack-vnc.yaml +++ b/scanners/ncrack/cascading-rules/crack-vnc.yaml @@ -42,6 +42,6 @@ spec: - /ncrack/users.txt - -P - /ncrack/passwords.txt - - -p + - -p - vnc:{{attributes.port}} - "{{$.hostOrIP}}" diff --git a/scanners/nikto/examples/demo-bodgeit/findings.yaml b/scanners/nikto/examples/demo-bodgeit/findings.yaml index e0cc268b05..b25ab137bc 100644 --- a/scanners/nikto/examples/demo-bodgeit/findings.yaml +++ b/scanners/nikto/examples/demo-bodgeit/findings.yaml @@ -59,5 +59,5 @@ }, "id": "8f6141f1-7401-4fb0-8219-b711599cc1f5", "parsed_at": "2022-01-11T10:32:20.053Z", - } + }, ] diff --git a/scanners/nikto/examples/demo-bodgeit/nikto-results.json b/scanners/nikto/examples/demo-bodgeit/nikto-results.json index fffaba6843..59e47abc67 100644 --- a/scanners/nikto/examples/demo-bodgeit/nikto-results.json +++ b/scanners/nikto/examples/demo-bodgeit/nikto-results.json @@ -3,75 +3,89 @@ "ip": "10.96.46.204", "port": "8080", "banner": "", - "vulnerabilities": [{ - "id": "999957", - "references": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "method": "GET", - "url": "", - "msg": "The anti-clickjacking X-Frame-Options header is not present." - }, { - "id": "999103", - "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", - "method": "GET", - "url": "", - "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." - }, { - "id": "500645", - "references": "https://en.wikipedia.org/wiki/Favicon", - "method": "GET", - "url": "", - "msg": "/favicon.ico file identifies this app/server as: Apache Tomcat (possibly 5.5.26 through 8.0.15), Alfresco Community." - }, { - "id": "999990", - "method": "OPTIONS", - "url": "", - "msg": "Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS ." - }, { - "id": "400001", - "method": "GET", - "url": "", - "msg": "HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server." - }, { - "id": "400000", - "method": "GET", - "url": "", - "msg": "HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server." - }, { - "id": "000366", - "method": "GET", - "url": "", - "msg": "/examples/servlets/index.html: Apache Tomcat default JSP pages present." - }, { - "id": "001355", - "references": "CVE-2004-2104", - "method": "GET", - "url": "", - "msg": "/examples/jsp/snp/snoop.jsp: Displays information about page retrievals, including other users." - }, { - "id": "003399", - "references": "CWE-552", - "method": "GET", - "url": "", - "msg": "/manager/manager-howto.html: Tomcat documentation found." - }, { - "id": "006525", - "method": "GET", - "url": "", - "msg": "/manager/html: Default Tomcat Manager / Host Manager interface found." - }, { - "id": "006525", - "method": "GET", - "url": "", - "msg": "/host-manager/html: Default Tomcat Manager / Host Manager interface found." - }, { - "id": "007015", - "method": "GET", - "url": "", - "msg": "/manager/status: Default Tomcat Server Status interface found." - }, { - "id": "007015", - "method": "GET", - "url": "", - "msg": "/host-manager/status: Default Tomcat Server Status interface found." - }] + "vulnerabilities": [ + { + "id": "999957", + "references": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", + "method": "GET", + "url": "", + "msg": "The anti-clickjacking X-Frame-Options header is not present." + }, + { + "id": "999103", + "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", + "method": "GET", + "url": "", + "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." + }, + { + "id": "500645", + "references": "https://en.wikipedia.org/wiki/Favicon", + "method": "GET", + "url": "", + "msg": "/favicon.ico file identifies this app/server as: Apache Tomcat (possibly 5.5.26 through 8.0.15), Alfresco Community." + }, + { + "id": "999990", + "method": "OPTIONS", + "url": "", + "msg": "Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS ." + }, + { + "id": "400001", + "method": "GET", + "url": "", + "msg": "HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server." + }, + { + "id": "400000", + "method": "GET", + "url": "", + "msg": "HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server." + }, + { + "id": "000366", + "method": "GET", + "url": "", + "msg": "/examples/servlets/index.html: Apache Tomcat default JSP pages present." + }, + { + "id": "001355", + "references": "CVE-2004-2104", + "method": "GET", + "url": "", + "msg": "/examples/jsp/snp/snoop.jsp: Displays information about page retrievals, including other users." + }, + { + "id": "003399", + "references": "CWE-552", + "method": "GET", + "url": "", + "msg": "/manager/manager-howto.html: Tomcat documentation found." + }, + { + "id": "006525", + "method": "GET", + "url": "", + "msg": "/manager/html: Default Tomcat Manager / Host Manager interface found." + }, + { + "id": "006525", + "method": "GET", + "url": "", + "msg": "/host-manager/html: Default Tomcat Manager / Host Manager interface found." + }, + { + "id": "007015", + "method": "GET", + "url": "", + "msg": "/manager/status: Default Tomcat Server Status interface found." + }, + { + "id": "007015", + "method": "GET", + "url": "", + "msg": "/host-manager/status: Default Tomcat Server Status interface found." + } + ] } diff --git a/scanners/nikto/examples/demo-bodgeit/scan.yaml b/scanners/nikto/examples/demo-bodgeit/scan.yaml index f5cdb09f57..d5fa92270e 100644 --- a/scanners/nikto/examples/demo-bodgeit/scan.yaml +++ b/scanners/nikto/examples/demo-bodgeit/scan.yaml @@ -2,18 +2,18 @@ # # SPDX-License-Identifier: Apache-2.0 -apiVersion: 'execution.securecodebox.io/v1' +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: - name: 'nikto-bodgeit' + name: "nikto-bodgeit" labels: - organization: 'secureCodeBox' + organization: "secureCodeBox" spec: - scanType: 'nikto' + scanType: "nikto" parameters: - - '-h' - - 'bodgeit.demo-targets.svc' - - '-port 8080' - - '-Tuning' + - "-h" + - "bodgeit.demo-targets.svc" + - "-port 8080" + - "-Tuning" # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP - - '1,2,3,5,7,b' + - "1,2,3,5,7,b" diff --git a/scanners/nikto/examples/demo-docs.securecodebox.io/scan.yaml b/scanners/nikto/examples/demo-docs.securecodebox.io/scan.yaml index d5ff5b0ce2..5d13fa5bc4 100644 --- a/scanners/nikto/examples/demo-docs.securecodebox.io/scan.yaml +++ b/scanners/nikto/examples/demo-docs.securecodebox.io/scan.yaml @@ -2,17 +2,17 @@ # # SPDX-License-Identifier: Apache-2.0 -apiVersion: 'execution.securecodebox.io/v1' +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: - name: 'nikto-www.securecodebox.io' + name: "nikto-www.securecodebox.io" labels: - organization: 'secureCodeBox' + organization: "secureCodeBox" spec: - scanType: 'nikto' + scanType: "nikto" parameters: - - '-h' - - 'https://www.securecodebox.io/' - - '-Tuning' + - "-h" + - "https://www.securecodebox.io/" + - "-Tuning" # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP - - '1,2,3,5,7,b' + - "1,2,3,5,7,b" diff --git a/scanners/nikto/examples/demo-juice-shop/nikto-results.json b/scanners/nikto/examples/demo-juice-shop/nikto-results.json index 48b659aedf..f635894674 100644 --- a/scanners/nikto/examples/demo-juice-shop/nikto-results.json +++ b/scanners/nikto/examples/demo-juice-shop/nikto-results.json @@ -3,890 +3,1039 @@ "ip": "10.96.244.199", "port": "3000", "banner": "", - "vulnerabilities": [{ - "id": "999986", - "method": "GET", - "url": "", - "msg": "Retrieved access-control-allow-origin header: *." - }, { - "id": "999997", - "references": "https://portswigger.net/kb/issues/00600600_robots-txt-file", - "method": "GET", - "url": "", - "msg": "Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)." - }, { - "id": "999996", - "references": "https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt", - "method": "GET", - "url": "", - "msg": "\"robots.txt\" contains 1 entry which should be manually viewed." - }, { - "id": "999103", - "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", - "method": "GET", - "url": "", - "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "001675", - "method": "GET", - "url": "", - "msg": "/ftp/: This might be interesting." - }, { - "id": "001811", - "method": "GET", - "url": "", - "msg": "/public/: This might be interesting." - }, { - "id": "006737", - "references": "https://seclists.org/fulldisclosure/2014/Feb/171", - "method": "POST", - "url": "", - "msg": "/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." - }, { - "id": "006737", - "references": "https://seclists.org/fulldisclosure/2014/Feb/171", - "method": "POST", - "url": "", - "msg": "/wordpress/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." - }] + "vulnerabilities": [ + { + "id": "999986", + "method": "GET", + "url": "", + "msg": "Retrieved access-control-allow-origin header: *." + }, + { + "id": "999997", + "references": "https://portswigger.net/kb/issues/00600600_robots-txt-file", + "method": "GET", + "url": "", + "msg": "Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)." + }, + { + "id": "999996", + "references": "https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt", + "method": "GET", + "url": "", + "msg": "\"robots.txt\" contains 1 entry which should be manually viewed." + }, + { + "id": "999103", + "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", + "method": "GET", + "url": "", + "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "001675", + "method": "GET", + "url": "", + "msg": "/ftp/: This might be interesting." + }, + { + "id": "001811", + "method": "GET", + "url": "", + "msg": "/public/: This might be interesting." + }, + { + "id": "006737", + "references": "https://seclists.org/fulldisclosure/2014/Feb/171", + "method": "POST", + "url": "", + "msg": "/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." + }, + { + "id": "006737", + "references": "https://seclists.org/fulldisclosure/2014/Feb/171", + "method": "POST", + "url": "", + "msg": "/wordpress/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." + } + ] } diff --git a/scanners/nikto/examples/demo-juice-shop/scan.yaml b/scanners/nikto/examples/demo-juice-shop/scan.yaml index 237d5b62f9..0c3237fe31 100644 --- a/scanners/nikto/examples/demo-juice-shop/scan.yaml +++ b/scanners/nikto/examples/demo-juice-shop/scan.yaml @@ -2,18 +2,18 @@ # # SPDX-License-Identifier: Apache-2.0 -apiVersion: 'execution.securecodebox.io/v1' +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: - name: 'nikto-juice-shop' + name: "nikto-juice-shop" labels: - organization: 'secureCodeBox' + organization: "secureCodeBox" spec: - scanType: 'nikto' + scanType: "nikto" parameters: - - '-h' - - 'juice-shop.demo-targets.svc' - - '-port 3000' - - '-Tuning' + - "-h" + - "juice-shop.demo-targets.svc" + - "-port 3000" + - "-Tuning" # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP - - '1,2,3,5,7,b' + - "1,2,3,5,7,b" diff --git a/scanners/nikto/parser/__testFiles__/docs.securecodebox.io.json b/scanners/nikto/parser/__testFiles__/docs.securecodebox.io.json index 8e3d179a77..920dec4b54 100644 --- a/scanners/nikto/parser/__testFiles__/docs.securecodebox.io.json +++ b/scanners/nikto/parser/__testFiles__/docs.securecodebox.io.json @@ -1 +1,29 @@ -{"host":"docs.securecodebox.io","ip":"46.101.121.244","port":"80","banner":"Netlify","vulnerabilities":[{"id": "999957","references": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options","method":"GET","url":"","msg":"The anti-clickjacking X-Frame-Options header is not present."},{"id": "000287","references": "https://www.netlify.com/","method":"GET","url":"","msg":"Netlify was identified by the x-nf-request-id header."},{"id": "999103","references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/","method":"GET","url":"","msg":"The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type."}]} +{ + "host": "docs.securecodebox.io", + "ip": "46.101.121.244", + "port": "80", + "banner": "Netlify", + "vulnerabilities": [ + { + "id": "999957", + "references": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", + "method": "GET", + "url": "", + "msg": "The anti-clickjacking X-Frame-Options header is not present." + }, + { + "id": "000287", + "references": "https://www.netlify.com/", + "method": "GET", + "url": "", + "msg": "Netlify was identified by the x-nf-request-id header." + }, + { + "id": "999103", + "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", + "method": "GET", + "url": "", + "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." + } + ] +} diff --git a/scanners/nikto/parser/__testFiles__/juice-shop.json b/scanners/nikto/parser/__testFiles__/juice-shop.json index 48b659aedf..f635894674 100644 --- a/scanners/nikto/parser/__testFiles__/juice-shop.json +++ b/scanners/nikto/parser/__testFiles__/juice-shop.json @@ -3,890 +3,1039 @@ "ip": "10.96.244.199", "port": "3000", "banner": "", - "vulnerabilities": [{ - "id": "999986", - "method": "GET", - "url": "", - "msg": "Retrieved access-control-allow-origin header: *." - }, { - "id": "999997", - "references": "https://portswigger.net/kb/issues/00600600_robots-txt-file", - "method": "GET", - "url": "", - "msg": "Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)." - }, { - "id": "999996", - "references": "https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt", - "method": "GET", - "url": "", - "msg": "\"robots.txt\" contains 1 entry which should be manually viewed." - }, { - "id": "999103", - "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", - "method": "GET", - "url": "", - "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.war: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/demo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tar.lzma: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/dump.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.cer: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/10.96.244.199.tgz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/svc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.pem: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targetssvc.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shopdemo-targets.tar: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/archive.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop_demo-targets_svc.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/site.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/juice-shop.demo-targets.jks: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/backup.tar.bz2: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.egg: Potentially interesting backup/cert file found. ." - }, { - "id": "740001", - "references": "https://cwe.mitre.org/data/definitions/530.html", - "method": "HEAD", - "url": "", - "msg": "/database.alz: Potentially interesting backup/cert file found. ." - }, { - "id": "001675", - "method": "GET", - "url": "", - "msg": "/ftp/: This might be interesting." - }, { - "id": "001811", - "method": "GET", - "url": "", - "msg": "/public/: This might be interesting." - }, { - "id": "006737", - "references": "https://seclists.org/fulldisclosure/2014/Feb/171", - "method": "POST", - "url": "", - "msg": "/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." - }, { - "id": "006737", - "references": "https://seclists.org/fulldisclosure/2014/Feb/171", - "method": "POST", - "url": "", - "msg": "/wordpress/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." - }] + "vulnerabilities": [ + { + "id": "999986", + "method": "GET", + "url": "", + "msg": "Retrieved access-control-allow-origin header: *." + }, + { + "id": "999997", + "references": "https://portswigger.net/kb/issues/00600600_robots-txt-file", + "method": "GET", + "url": "", + "msg": "Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)." + }, + { + "id": "999996", + "references": "https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt", + "method": "GET", + "url": "", + "msg": "\"robots.txt\" contains 1 entry which should be manually viewed." + }, + { + "id": "999103", + "references": "https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/", + "method": "GET", + "url": "", + "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.war: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/demo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tar.lzma: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/dump.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.cer: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/10.96.244.199.tgz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/svc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.pem: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targetssvc.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shopdemo-targets.tar: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/archive.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop_demo-targets_svc.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/site.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/juice-shop.demo-targets.jks: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/backup.tar.bz2: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.egg: Potentially interesting backup/cert file found. ." + }, + { + "id": "740001", + "references": "https://cwe.mitre.org/data/definitions/530.html", + "method": "HEAD", + "url": "", + "msg": "/database.alz: Potentially interesting backup/cert file found. ." + }, + { + "id": "001675", + "method": "GET", + "url": "", + "msg": "/ftp/: This might be interesting." + }, + { + "id": "001811", + "method": "GET", + "url": "", + "msg": "/public/: This might be interesting." + }, + { + "id": "006737", + "references": "https://seclists.org/fulldisclosure/2014/Feb/171", + "method": "POST", + "url": "", + "msg": "/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." + }, + { + "id": "006737", + "references": "https://seclists.org/fulldisclosure/2014/Feb/171", + "method": "POST", + "url": "", + "msg": "/wordpress/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI." + } + ] } diff --git a/scanners/nikto/parser/__testFiles__/unresolvable-host.json b/scanners/nikto/parser/__testFiles__/unresolvable-host.json index 15796cb1f5..c25b39dc1d 100644 --- a/scanners/nikto/parser/__testFiles__/unresolvable-host.json +++ b/scanners/nikto/parser/__testFiles__/unresolvable-host.json @@ -1 +1,14 @@ -{"host":"","ip":"","port":"80","banner":"","vulnerabilities":[{"id": "0","method":"GET","url":"","msg":"ERROR: Cannot resolve hostname 'www.unresolvablehost.com' because 'Name or service not known'."}]} \ No newline at end of file +{ + "host": "", + "ip": "", + "port": "80", + "banner": "", + "vulnerabilities": [ + { + "id": "0", + "method": "GET", + "url": "", + "msg": "ERROR: Cannot resolve hostname 'www.unresolvablehost.com' because 'Name or service not known'." + } + ] +} diff --git a/scanners/nmap/examples/basic-example/findings.yaml b/scanners/nmap/examples/basic-example/findings.yaml index 403177a28b..febef16a62 100644 --- a/scanners/nmap/examples/basic-example/findings.yaml +++ b/scanners/nmap/examples/basic-example/findings.yaml @@ -10,21 +10,22 @@ "location": "tcp://45.33.32.156:22", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 22, - "state": "open", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "ssh", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "0903c2b6-b3c3-4fb3-9661-3ce995044fdd" + "attributes": + { + "port": 22, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "ssh", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "0903c2b6-b3c3-4fb3-9661-3ce995044fdd", }, { "name": "http", @@ -33,21 +34,22 @@ "location": "tcp://45.33.32.156:80", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 80, - "state": "open", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "http", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "6235f66d-a851-4e24-8367-6fd528f71795" + "attributes": + { + "port": 80, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "http", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "6235f66d-a851-4e24-8367-6fd528f71795", }, { "name": "msrpc", @@ -56,21 +58,22 @@ "location": "tcp://45.33.32.156:135", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 135, - "state": "filtered", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "msrpc", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "831cd5a2-0860-4f11-9727-771f111a3538" + "attributes": + { + "port": 135, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "msrpc", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "831cd5a2-0860-4f11-9727-771f111a3538", }, { "name": "netbios-ssn", @@ -79,21 +82,22 @@ "location": "tcp://45.33.32.156:139", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 139, - "state": "filtered", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "netbios-ssn", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "eb4cbbda-c303-42c8-851f-6b3759713f85" + "attributes": + { + "port": 139, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "netbios-ssn", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "eb4cbbda-c303-42c8-851f-6b3759713f85", }, { "name": "microsoft-ds", @@ -102,21 +106,22 @@ "location": "tcp://45.33.32.156:445", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 445, - "state": "filtered", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "microsoft-ds", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "cee96358-93ea-4b1b-ab69-1bc8220015e6" + "attributes": + { + "port": 445, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "cee96358-93ea-4b1b-ab69-1bc8220015e6", }, { "name": "nping-echo", @@ -125,21 +130,22 @@ "location": "tcp://45.33.32.156:9929", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 9929, - "state": "open", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "nping-echo", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "4720cb35-87e3-4346-ab63-6434e1384efe" + "attributes": + { + "port": 9929, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "nping-echo", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "4720cb35-87e3-4346-ab63-6434e1384efe", }, { "name": "Elite", @@ -148,21 +154,22 @@ "location": "tcp://45.33.32.156:31337", "osi_layer": "NETWORK", "severity": "INFORMATIONAL", - "attributes": { - "port": 31337, - "state": "open", - "ip_address": "45.33.32.156", - "mac_address": null, - "protocol": "tcp", - "hostname": "scanme.nmap.org", - "method": "table", - "operating_system": null, - "service": "Elite", - "serviceProduct": null, - "serviceVersion": null, - "scripts": null - }, - "id": "1ceb1c93-e77f-41dc-a3fc-b1d04cec6a5e" + "attributes": + { + "port": 31337, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "Elite", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null, + }, + "id": "1ceb1c93-e77f-41dc-a3fc-b1d04cec6a5e", }, { "name": "Host: scanme.nmap.org", @@ -171,11 +178,12 @@ "location": "scanme.nmap.org", "severity": "INFORMATIONAL", "osi_layer": "NETWORK", - "attributes": { - "ip_address": "45.33.32.156", - "hostname": "scanme.nmap.org", - "operating_system": null - }, - "id": "997e572f-13af-483a-aee6-6ce05e931daf" - } + "attributes": + { + "ip_address": "45.33.32.156", + "hostname": "scanme.nmap.org", + "operating_system": null, + }, + "id": "997e572f-13af-483a-aee6-6ce05e931daf", + }, ] diff --git a/scanners/nmap/examples/example-with-parameters/findings.yaml b/scanners/nmap/examples/example-with-parameters/findings.yaml index 386389cd6a..c65e6ebaa6 100644 --- a/scanners/nmap/examples/example-with-parameters/findings.yaml +++ b/scanners/nmap/examples/example-with-parameters/findings.yaml @@ -3,41 +3,43 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "http", - "description": "Port 3000 is open using tcp protocol.", - "category": "Open Port", - "location": "tcp://10.111.199.4:3000", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - "attributes": { - "port": 3000, - "state": "open", - "ip_address": "10.111.199.4", - "mac_address": null, - "protocol": "tcp", - "hostname": "juice-shop.demo-targets.svc.cluster.local", - "method": "probed", - "operating_system": null, - "service": "http", - "serviceProduct": "Node.js Express framework", - "serviceVersion": null, - "scripts": null - }, - "id": "a9ec9f11-4cfa-461b-85c0-57ea31162112" - }, - { - "name": "Host: juice-shop.demo-targets.svc.cluster.local", - "category": "Host", - "description": "Found a host", - "location": "juice-shop.demo-targets.svc.cluster.local", - "severity": "INFORMATIONAL", - "osi_layer": "NETWORK", - "attributes": { - "ip_address": "10.111.199.4", - "hostname": "juice-shop.demo-targets.svc.cluster.local", - "operating_system": null - }, - "id": "080d888a-a9bc-4c74-8d03-c4c6cc40238d" - } + { + "name": "http", + "description": "Port 3000 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://10.111.199.4:3000", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": + { + "port": 3000, + "state": "open", + "ip_address": "10.111.199.4", + "mac_address": null, + "protocol": "tcp", + "hostname": "juice-shop.demo-targets.svc.cluster.local", + "method": "probed", + "operating_system": null, + "service": "http", + "serviceProduct": "Node.js Express framework", + "serviceVersion": null, + "scripts": null, + }, + "id": "a9ec9f11-4cfa-461b-85c0-57ea31162112", + }, + { + "name": "Host: juice-shop.demo-targets.svc.cluster.local", + "category": "Host", + "description": "Found a host", + "location": "juice-shop.demo-targets.svc.cluster.local", + "severity": "INFORMATIONAL", + "osi_layer": "NETWORK", + "attributes": + { + "ip_address": "10.111.199.4", + "hostname": "juice-shop.demo-targets.svc.cluster.local", + "operating_system": null, + }, + "id": "080d888a-a9bc-4c74-8d03-c4c6cc40238d", + }, ] diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js index 9cb575730f..4848f33027 100644 --- a/scanners/nmap/parser/parser.js +++ b/scanners/nmap/parser/parser.js @@ -221,7 +221,7 @@ function parseSmbProtocols(host, script) { } /** - * Parses a given NMAP XML file to a smaller JSON represenation with the following object: + * Parses a given NMAP XML file to a smaller JSON representation with the following object: * { * hostname: null, * ip: null, diff --git a/scanners/nuclei/cascading-rules/subdomain_http.yaml b/scanners/nuclei/cascading-rules/subdomain_http.yaml index c9c7024e97..86567ae6d0 100644 --- a/scanners/nuclei/cascading-rules/subdomain_http.yaml +++ b/scanners/nuclei/cascading-rules/subdomain_http.yaml @@ -24,7 +24,7 @@ spec: attributes: service: "http-*" state: open - + scanSpec: scanType: "nuclei" parameters: diff --git a/scanners/nuclei/values.yaml b/scanners/nuclei/values.yaml index 121cb7bb55..5b5c3d1a5b 100644 --- a/scanners/nuclei/values.yaml +++ b/scanners/nuclei/values.yaml @@ -95,12 +95,12 @@ nucleiTemplateCache: # -- Enables or disables the use of an persistent volume to cache the always downloaded nuclei-templates for all scans. enabled: true # -- Depending on your setup you can define the pvc access mode for one `ReadWriteOnce` or multiple node clusters `ReadWriteMany` - accessMode: + accessMode: - ReadWriteOnce - ReadOnlyMany # every day at 08:00: "0 8 * * *" # every full hour: "0 */1 * * *"" - # -- The schedule indicates when and how often the nuclei template cache should be updated + # -- The schedule indicates when and how often the nuclei template cache should be updated schedule: "0 */1 * * *" # -- Determines how many successful jobs are kept until kubernetes cleans them up. See: https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#jobs-history-limits successfulJobsHistoryLimit: 3 diff --git a/scanners/screenshooter/scanner/wrapper.sh b/scanners/screenshooter/scanner/wrapper.sh index c0f76ca0f1..c5c04845df 100644 --- a/scanners/screenshooter/scanner/wrapper.sh +++ b/scanners/screenshooter/scanner/wrapper.sh @@ -8,7 +8,7 @@ timeout 30 firefox $@ timeout 30 firefox $@ if [ ! -f /home/securecodebox/screenshot.png ]; then - touch /home/securecodebox/screenshot.png + touch /home/securecodebox/screenshot.png fi chmod a=r /home/securecodebox/screenshot.png exit 0 diff --git a/scanners/semgrep/examples/vulnerable-flask-app/findings.yaml b/scanners/semgrep/examples/vulnerable-flask-app/findings.yaml index f601859d66..dad6f575d7 100644 --- a/scanners/semgrep/examples/vulnerable-flask-app/findings.yaml +++ b/scanners/semgrep/examples/vulnerable-flask-app/findings.yaml @@ -5,15 +5,16 @@ "description": "Detected a useless comparison operation `0 == 0` or `0 != 0`. This operation is always true. If testing for floating point NaN, use `math.isnan`, or `cmath.isnan` if the number is complex.", "category": "correctness", "severity": "HIGH", - "attributes": { - "cwe": null, - "owasp_category": null, - "references": null, - "rule_source": "https://semgrep.dev/r/javascript.lang.correctness.useless-eqeq.eqeq-is-bad", - "matching_lines": "K.h.i.Bf=function(b,c){var d=0,e=0,f=!1;b=K.h.i.Ta(b,c).split(K.h.i.Sl);for(c=0;cK.h.i.dl?K.h.i.O.Va:K.h.i.O.Ua};K.h.i.vq=function(b,c){return K.h.i.Bf(b,c)==K.h.i.O.Va};K.h.i.ht=function(b,c){b&&(c=K.h.i.Dl(c))&&(b.style.textAlign=c==K.h.i.O.Va?K.h.i.ec:K.h.i.cc,b.dir=c==K.h.i.O.Va?\"rtl\":\"ltr\")};" - }, + "attributes": + { + "cwe": null, + "owasp_category": null, + "references": null, + "rule_source": "https://semgrep.dev/r/javascript.lang.correctness.useless-eqeq.eqeq-is-bad", + "matching_lines": 'K.h.i.Bf=function(b,c){var d=0,e=0,f=!1;b=K.h.i.Ta(b,c).split(K.h.i.Sl);for(c=0;cK.h.i.dl?K.h.i.O.Va:K.h.i.O.Ua};K.h.i.vq=function(b,c){return K.h.i.Bf(b,c)==K.h.i.O.Va};K.h.i.ht=function(b,c){b&&(c=K.h.i.Dl(c))&&(b.style.textAlign=c==K.h.i.O.Va?K.h.i.ec:K.h.i.cc,b.dir=c==K.h.i.O.Va?"rtl":"ltr")};', + }, "id": "ee0afb67-a248-4bee-9863-68573bc900a9", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.flask.security.dangerous-template-string.dangerous-template-string", @@ -21,18 +22,20 @@ "description": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", - "owasp_category": "A1: Injection", - "references": [ - "https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html", - "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti" - ], - "rule_source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", - "matching_lines": " template = '''\n \n Error\n \n \n

Oops that page doesn't exist!!

\n

%s

\n \n \n ''' % request.url\n\n return render_template_string(template, dir = dir, help = help, locals = locals),404" - }, + "attributes": + { + "cwe": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "owasp_category": "A1: Injection", + "references": + [ + "https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html", + "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti", + ], + "rule_source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", + "matching_lines": " template = '''\n \n Error\n \n \n

Oops that page doesn't exist!!

\n

%s

\n \n \n ''' % request.url\n\n return render_template_string(template, dir = dir, help = help, locals = locals),404", + }, "id": "496862b3-6f61-4119-a5d7-f3ddec8ddc7e", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.flask.security.dangerous-template-string.dangerous-template-string", @@ -40,18 +43,20 @@ "description": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", - "owasp_category": "A1: Injection", - "references": [ - "https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html", - "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti" - ], - "rule_source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", - "matching_lines": " template = '''\n \n Error\n \n \n

Oops Error Occurred

\n

%s

\n \n \n ''' % str(e)\n return render_template_string(template, dir=dir, help=help, locals=locals), 404" - }, + "attributes": + { + "cwe": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "owasp_category": "A1: Injection", + "references": + [ + "https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html", + "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti", + ], + "rule_source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", + "matching_lines": " template = '''\n \n Error\n \n \n

Oops Error Occurred

\n

%s

\n \n \n ''' % str(e)\n return render_template_string(template, dir=dir, help=help, locals=locals), 404", + }, "id": "ded6aac2-e6bf-411a-9696-f6d70e3f9750", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.flask.security.insecure-deserialization.insecure-deserialization", @@ -59,17 +64,16 @@ "description": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-502: Deserialization of Untrusted Data", - "owasp_category": "A8: Insecure Deserialization", - "references": [ - "https://docs.python.org/3/library/pickle.html" - ], - "rule_source": "https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization", - "matching_lines": " ydata = yaml.load(y)" - }, + "attributes": + { + "cwe": "CWE-502: Deserialization of Untrusted Data", + "owasp_category": "A8: Insecure Deserialization", + "references": ["https://docs.python.org/3/library/pickle.html"], + "rule_source": "https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization", + "matching_lines": " ydata = yaml.load(y)", + }, "id": "dfdf9a67-1ec3-40d8-8b5f-862ca5ebe3db", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-md5", @@ -77,19 +81,21 @@ "description": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.", "category": "security", "severity": "MEDIUM", - "attributes": { - "cwe": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "owasp_category": "A3: Sensitive Data Exposure", - "references": [ - "https://tools.ietf.org/html/rfc6151", - "https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision", - "https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html" - ], - "rule_source": "https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-md5", - "matching_lines": " hash_pass = hashlib.md5(password).hexdigest()" - }, + "attributes": + { + "cwe": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "owasp_category": "A3: Sensitive Data Exposure", + "references": + [ + "https://tools.ietf.org/html/rfc6151", + "https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision", + "https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html", + ], + "rule_source": "https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-md5", + "matching_lines": " hash_pass = hashlib.md5(password).hexdigest()", + }, "id": "4524f52b-7cb8-4a5b-8a89-12c188efc92e", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", @@ -97,17 +103,19 @@ "description": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-295: Improper Certificate Validation", - "owasp_category": "A3: Sensitive Data Exposure", - "references": [ - "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" - ], - "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "matching_lines": "login = requests.post(target_url + '/login',\n proxies=proxies, json=auth_dict, verify=False)" - }, + "attributes": + { + "cwe": "CWE-295: Improper Certificate Validation", + "owasp_category": "A3: Sensitive Data Exposure", + "references": + [ + "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib", + ], + "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", + "matching_lines": "login = requests.post(target_url + '/login',\n proxies=proxies, json=auth_dict, verify=False)", + }, "id": "18a0cd4b-4b43-4017-8d90-1e6de5dfde76", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", @@ -115,17 +123,19 @@ "description": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-295: Improper Certificate Validation", - "owasp_category": "A3: Sensitive Data Exposure", - "references": [ - "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" - ], - "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "matching_lines": " get_cust_id = requests.get(\n target_url + '/get/2', proxies=proxies, headers=auth_header, verify=False)" - }, + "attributes": + { + "cwe": "CWE-295: Improper Certificate Validation", + "owasp_category": "A3: Sensitive Data Exposure", + "references": + [ + "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib", + ], + "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", + "matching_lines": " get_cust_id = requests.get(\n target_url + '/get/2', proxies=proxies, headers=auth_header, verify=False)", + }, "id": "6ffd9ab4-f736-473b-88b3-24f1e1103ec6", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", @@ -133,17 +143,19 @@ "description": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-295: Improper Certificate Validation", - "owasp_category": "A3: Sensitive Data Exposure", - "references": [ - "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" - ], - "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "matching_lines": " fetch_customer_post = requests.post(\n target_url + '/fetch/customer', json=post, proxies=proxies, headers=auth_header, verify=False)" - }, + "attributes": + { + "cwe": "CWE-295: Improper Certificate Validation", + "owasp_category": "A3: Sensitive Data Exposure", + "references": + [ + "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib", + ], + "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", + "matching_lines": " fetch_customer_post = requests.post(\n target_url + '/fetch/customer', json=post, proxies=proxies, headers=auth_header, verify=False)", + }, "id": "b9d7d55c-d314-440d-a3dc-e41a5dd2ec0f", - "parsed_at": "2021-10-15T09:05:12.769Z" + "parsed_at": "2021-10-15T09:05:12.769Z", }, { "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", @@ -151,16 +163,18 @@ "description": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.", "category": "security", "severity": "HIGH", - "attributes": { - "cwe": "CWE-295: Improper Certificate Validation", - "owasp_category": "A3: Sensitive Data Exposure", - "references": [ - "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" - ], - "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "matching_lines": " search_customer_username = requests.post(\n target_url + '/search', json=search, proxies=proxies, headers=auth_header, verify=False)" - }, + "attributes": + { + "cwe": "CWE-295: Improper Certificate Validation", + "owasp_category": "A3: Sensitive Data Exposure", + "references": + [ + "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib", + ], + "rule_source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", + "matching_lines": " search_customer_username = requests.post(\n target_url + '/search', json=search, proxies=proxies, headers=auth_header, verify=False)", + }, "id": "f82d51de-8ce7-43fb-a225-6b7662418ea9", - "parsed_at": "2021-10-15T09:05:12.769Z" - } + "parsed_at": "2021-10-15T09:05:12.769Z", + }, ] diff --git a/scanners/semgrep/examples/vulnerable-flask-app/scan.yaml b/scanners/semgrep/examples/vulnerable-flask-app/scan.yaml index ebdef2e954..5bf9941e3a 100644 --- a/scanners/semgrep/examples/vulnerable-flask-app/scan.yaml +++ b/scanners/semgrep/examples/vulnerable-flask-app/scan.yaml @@ -18,7 +18,7 @@ spec: - name: "provision-git" image: bitnami/git command: - - git + - git - clone - "https://github.com/we45/Vulnerable-Flask-App" - /test/flask diff --git a/scanners/semgrep/examples/vulnerable-flask-app/semgrep-findings.json b/scanners/semgrep/examples/vulnerable-flask-app/semgrep-findings.json index 6a0afc5192..7d74b3cacf 100644 --- a/scanners/semgrep/examples/vulnerable-flask-app/semgrep-findings.json +++ b/scanners/semgrep/examples/vulnerable-flask-app/semgrep-findings.json @@ -16,9 +16,7 @@ "category": "correctness", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "source": "https://semgrep.dev/r/javascript.lang.correctness.useless-eqeq.eqeq-is-bad", - "technology": [ - "javascript" - ] + "technology": ["javascript"] }, "metavars": { "$X": { @@ -69,9 +67,7 @@ "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti" ], "source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", - "technology": [ - "flask" - ] + "technology": ["flask"] }, "metavars": { "$MORE": { @@ -156,9 +152,7 @@ "https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti" ], "source": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", - "technology": [ - "flask" - ] + "technology": ["flask"] }, "metavars": { "$MORE": { @@ -238,13 +232,9 @@ "cwe": "CWE-502: Deserialization of Untrusted Data", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "owasp": "A8: Insecure Deserialization", - "references": [ - "https://docs.python.org/3/library/pickle.html" - ], + "references": ["https://docs.python.org/3/library/pickle.html"], "source": "https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization", - "technology": [ - "flask" - ] + "technology": ["flask"] }, "metavars": { "$X": { @@ -304,9 +294,7 @@ ], "source": "https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-md5", "source-rule-url": "https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L59", - "technology": [ - "python" - ] + "technology": ["python"] }, "metavars": {}, "severity": "WARNING" @@ -338,9 +326,7 @@ "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" ], "source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "technology": [ - "requests" - ] + "technology": ["requests"] }, "metavars": {}, "severity": "ERROR" @@ -372,9 +358,7 @@ "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" ], "source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "technology": [ - "requests" - ] + "technology": ["requests"] }, "metavars": {}, "severity": "ERROR" @@ -406,9 +390,7 @@ "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" ], "source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "technology": [ - "requests" - ] + "technology": ["requests"] }, "metavars": {}, "severity": "ERROR" @@ -440,9 +422,7 @@ "https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib" ], "source": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "technology": [ - "requests" - ] + "technology": ["requests"] }, "metavars": {}, "severity": "ERROR" diff --git a/scanners/semgrep/integration-tests/testfile.py b/scanners/semgrep/integration-tests/testfile.py index 3bbb8ef5e3..47f66fe0a9 100644 --- a/scanners/semgrep/integration-tests/testfile.py +++ b/scanners/semgrep/integration-tests/testfile.py @@ -1,22 +1,26 @@ # Source: Example code for the semgrep rule "python.django.security.injection.command.command-injection-os-system.command-injection-os-system" import os + def danger(request): # ruleid: command-injection-os-system - url = request.GET['url'] - os.system('wget ' + url) + url = request.GET["url"] + os.system("wget " + url) + def danger2(request): # ruleid: command-injection-os-system - image = request.POST['image'] + image = request.POST["image"] os.system("./face-recognize %s --N 24" % image) + def danger3(request): # ruleid: command-injection-os-system - url = request.GET['url'] + url = request.GET["url"] os.system("nslookup " + url) + def ok(request): # ok: command-injection-os-system - url = request.GET['url'] + url = request.GET["url"] os.system("echo 'hello'") diff --git a/scanners/semgrep/parser/__testFiles__/minimal-metadata.json b/scanners/semgrep/parser/__testFiles__/minimal-metadata.json index 6146fe339c..2b3d35ba65 100644 --- a/scanners/semgrep/parser/__testFiles__/minimal-metadata.json +++ b/scanners/semgrep/parser/__testFiles__/minimal-metadata.json @@ -1,62 +1,62 @@ { - "errors": [], - "results": [ - { - "check_id": "-", - "end": { - "col": 34, - "line": 44, - "offset": 1046 - }, - "extra": { - "is_ignored": false, - "lines": "\t\tactual := TruncateName(test.in)", - "message": "actual := TruncateName(test.in)", - "metadata": {}, - "metavars": { - "$A": { - "abstract_content": "actual", - "end": { - "col": 9, - "line": 44, - "offset": 1021 - }, - "start": { - "col": 3, - "line": 44, - "offset": 1015 - }, - "unique_id": { - "sid": 7, - "type": "id" - } + "errors": [], + "results": [ + { + "check_id": "-", + "end": { + "col": 34, + "line": 44, + "offset": 1046 + }, + "extra": { + "is_ignored": false, + "lines": "\t\tactual := TruncateName(test.in)", + "message": "actual := TruncateName(test.in)", + "metadata": {}, + "metavars": { + "$A": { + "abstract_content": "actual", + "end": { + "col": 9, + "line": 44, + "offset": 1021 + }, + "start": { + "col": 3, + "line": 44, + "offset": 1015 }, - "$B": { - "abstract_content": "TruncateName(test.in)", - "end": { - "col": 34, - "line": 44, - "offset": 1046 - }, - "start": { - "col": 13, - "line": 44, - "offset": 1025 - }, - "unique_id": { - "md5sum": "e3c6a62c3186d28aad5948e55d4e8a2f", - "type": "AST" - } + "unique_id": { + "sid": 7, + "type": "id" } }, - "severity": "ERROR" + "$B": { + "abstract_content": "TruncateName(test.in)", + "end": { + "col": 34, + "line": 44, + "offset": 1046 + }, + "start": { + "col": 13, + "line": 44, + "offset": 1025 + }, + "unique_id": { + "md5sum": "e3c6a62c3186d28aad5948e55d4e8a2f", + "type": "AST" + } + } }, - "path": "truncatedname_test.go", - "start": { - "col": 3, - "line": 44, - "offset": 1015 - } + "severity": "ERROR" + }, + "path": "truncatedname_test.go", + "start": { + "col": 3, + "line": 44, + "offset": 1015 } - ] - } \ No newline at end of file + } + ] +} diff --git a/scanners/semgrep/parser/__testFiles__/python-injection-multiresult.json b/scanners/semgrep/parser/__testFiles__/python-injection-multiresult.json index 2096b73281..bbb9f5b924 100644 --- a/scanners/semgrep/parser/__testFiles__/python-injection-multiresult.json +++ b/scanners/semgrep/parser/__testFiles__/python-injection-multiresult.json @@ -1,211 +1,207 @@ { - "errors": [], - "results": [ - { - "check_id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "end": { - "col": 29, - "line": 6, - "offset": 131 + "errors": [], + "results": [ + { + "check_id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "end": { + "col": 29, + "line": 6, + "offset": 131 + }, + "extra": { + "is_ignored": false, + "lines": " url = request.GET['url']\n os.system('wget ' + url)", + "message": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.", + "metadata": { + "category": "security", + "cwe": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", + "owasp": "A1: Injection", + "references": [ + "https://owasp.org/www-community/attacks/Command_Injection" + ], + "source": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "technology": ["django"] }, - "extra": { - "is_ignored": false, - "lines": " url = request.GET['url']\n os.system('wget ' + url)", - "message": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.", - "metadata": { - "category": "security", - "cwe": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", - "owasp": "A1: Injection", - "references": [ - "https://owasp.org/www-community/attacks/Command_Injection" - ], - "source": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "technology": [ - "django" - ] + "metavars": { + "$DATA": { + "abstract_content": "url", + "end": { + "col": 8, + "line": 5, + "offset": 81 + }, + "start": { + "col": 5, + "line": 5, + "offset": 78 + }, + "unique_id": { + "sid": 2, + "type": "id" + } + }, + "$FUNC": { + "abstract_content": "danger", + "end": { + "col": 11, + "line": 3, + "offset": 21 + }, + "start": { + "col": 5, + "line": 3, + "offset": 15 + }, + "unique_id": { + "md5sum": "e464e589a56001f3802f41abb5379c2f", + "type": "AST" + } }, - "metavars": { - "$DATA": { - "abstract_content": "url", - "end": { - "col": 8, - "line": 5, - "offset": 81 - }, - "start": { - "col": 5, - "line": 5, - "offset": 78 - }, - "unique_id": { - "sid": 2, - "type": "id" - } - }, - "$FUNC": { - "abstract_content": "danger", - "end": { - "col": 11, - "line": 3, - "offset": 21 - }, - "start": { - "col": 5, - "line": 3, - "offset": 15 - }, - "unique_id": { - "md5sum": "e464e589a56001f3802f41abb5379c2f", - "type": "AST" - } - }, - "$STR": { - "abstract_content": "'wget '", - "end": { - "col": 22, - "line": 6, - "offset": 124 - }, - "start": { - "col": 15, - "line": 6, - "offset": 117 - }, - "unique_id": { - "md5sum": "59ca841b827335bd089d3c8a878a2484", - "type": "AST" - } - }, - "$W": { - "abstract_content": "GET", - "end": { - "col": 22, - "line": 5, - "offset": 95 - }, - "start": { - "col": 19, - "line": 5, - "offset": 92 - }, - "unique_id": { - "md5sum": "9ed5273ba88f285705ba04822846d293", - "type": "AST" - } + "$STR": { + "abstract_content": "'wget '", + "end": { + "col": 22, + "line": 6, + "offset": 124 + }, + "start": { + "col": 15, + "line": 6, + "offset": 117 + }, + "unique_id": { + "md5sum": "59ca841b827335bd089d3c8a878a2484", + "type": "AST" } }, - "severity": "WARNING" + "$W": { + "abstract_content": "GET", + "end": { + "col": 22, + "line": 5, + "offset": 95 + }, + "start": { + "col": 19, + "line": 5, + "offset": 92 + }, + "unique_id": { + "md5sum": "9ed5273ba88f285705ba04822846d293", + "type": "AST" + } + } }, - "path": "test.py", - "start": { - "col": 5, - "line": 5, - "offset": 78 - } + "severity": "WARNING" + }, + "path": "test.py", + "start": { + "col": 5, + "line": 5, + "offset": 78 + } + }, + { + "check_id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "end": { + "col": 52, + "line": 11, + "offset": 282 }, - { - "check_id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "end": { - "col": 52, - "line": 11, - "offset": 282 + "extra": { + "is_ignored": false, + "lines": " image = request.POST['image']\n os.system(\"./face-recognize %s --N 24\" % image)", + "message": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.", + "metadata": { + "category": "security", + "cwe": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", + "owasp": "A1: Injection", + "references": [ + "https://owasp.org/www-community/attacks/Command_Injection" + ], + "source": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "technology": ["django"] }, - "extra": { - "is_ignored": false, - "lines": " image = request.POST['image']\n os.system(\"./face-recognize %s --N 24\" % image)", - "message": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.", - "metadata": { - "category": "security", - "cwe": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", - "owasp": "A1: Injection", - "references": [ - "https://owasp.org/www-community/attacks/Command_Injection" - ], - "source": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "technology": [ - "django" - ] + "metavars": { + "$DATA": { + "abstract_content": "image", + "end": { + "col": 10, + "line": 10, + "offset": 206 + }, + "start": { + "col": 5, + "line": 10, + "offset": 201 + }, + "unique_id": { + "sid": 4, + "type": "id" + } + }, + "$FUNC": { + "abstract_content": "danger2", + "end": { + "col": 12, + "line": 8, + "offset": 144 + }, + "start": { + "col": 5, + "line": 8, + "offset": 137 + }, + "unique_id": { + "md5sum": "f96ed4f1b3cc6e9796774e5f8b825527", + "type": "AST" + } }, - "metavars": { - "$DATA": { - "abstract_content": "image", - "end": { - "col": 10, - "line": 10, - "offset": 206 - }, - "start": { - "col": 5, - "line": 10, - "offset": 201 - }, - "unique_id": { - "sid": 4, - "type": "id" - } - }, - "$FUNC": { - "abstract_content": "danger2", - "end": { - "col": 12, - "line": 8, - "offset": 144 - }, - "start": { - "col": 5, - "line": 8, - "offset": 137 - }, - "unique_id": { - "md5sum": "f96ed4f1b3cc6e9796774e5f8b825527", - "type": "AST" - } - }, - "$STR": { - "abstract_content": "\"./face-recognize %s --N 24\"", - "end": { - "col": 43, - "line": 11, - "offset": 273 - }, - "start": { - "col": 15, - "line": 11, - "offset": 245 - }, - "unique_id": { - "md5sum": "c0d11430e9dd2fdc70d5fa03bcf2cc46", - "type": "AST" - } - }, - "$W": { - "abstract_content": "POST", - "end": { - "col": 25, - "line": 10, - "offset": 221 - }, - "start": { - "col": 21, - "line": 10, - "offset": 217 - }, - "unique_id": { - "md5sum": "2976ab2fedc9ac86ab8ba5a7e10329ac", - "type": "AST" - } + "$STR": { + "abstract_content": "\"./face-recognize %s --N 24\"", + "end": { + "col": 43, + "line": 11, + "offset": 273 + }, + "start": { + "col": 15, + "line": 11, + "offset": 245 + }, + "unique_id": { + "md5sum": "c0d11430e9dd2fdc70d5fa03bcf2cc46", + "type": "AST" } }, - "severity": "WARNING" + "$W": { + "abstract_content": "POST", + "end": { + "col": 25, + "line": 10, + "offset": 221 + }, + "start": { + "col": 21, + "line": 10, + "offset": 217 + }, + "unique_id": { + "md5sum": "2976ab2fedc9ac86ab8ba5a7e10329ac", + "type": "AST" + } + } }, - "path": "test.py", - "start": { - "col": 5, - "line": 10, - "offset": 201 - } + "severity": "WARNING" + }, + "path": "test.py", + "start": { + "col": 5, + "line": 10, + "offset": 201 } - ] - } \ No newline at end of file + } + ] +} diff --git a/scanners/semgrep/parser/__testFiles__/python-injection.json b/scanners/semgrep/parser/__testFiles__/python-injection.json index e63928d688..c4103cefc5 100644 --- a/scanners/semgrep/parser/__testFiles__/python-injection.json +++ b/scanners/semgrep/parser/__testFiles__/python-injection.json @@ -21,9 +21,7 @@ "https://owasp.org/www-community/attacks/Command_Injection" ], "source": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "technology": [ - "django" - ] + "technology": ["django"] }, "metavars": { "$DATA": { diff --git a/scanners/semgrep/parser/package.json b/scanners/semgrep/parser/package.json index c310b338fa..9931710c35 100644 --- a/scanners/semgrep/parser/package.json +++ b/scanners/semgrep/parser/package.json @@ -12,4 +12,4 @@ "xml2js": "^0.4.23" }, "devDependencies": {} -} \ No newline at end of file +} diff --git a/scanners/semgrep/values.yaml b/scanners/semgrep/values.yaml index a379dd7415..3f033652ca 100644 --- a/scanners/semgrep/values.yaml +++ b/scanners/semgrep/values.yaml @@ -6,7 +6,7 @@ parser: repository: securecodebox/parser-semgrep tag: null pullPolicy: IfNotPresent - + backoffLimit: 3 env: [] @@ -63,4 +63,4 @@ scanner: cascadingRules: # cascadingRules.enabled -- Enables or disables the installation of the default cascading rules for this scanner - enabled: true \ No newline at end of file + enabled: true diff --git a/scanners/ssh-scan/examples/demo-app-ssh/findings.yaml b/scanners/ssh-scan/examples/demo-app-ssh/findings.yaml index 201ac53b9b..f82e01f0ff 100644 --- a/scanners/ssh-scan/examples/demo-app-ssh/findings.yaml +++ b/scanners/ssh-scan/examples/demo-app-ssh/findings.yaml @@ -3,122 +3,118 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "SSH Service", - "description": "SSH Service Information", - "category": "SSH Service", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "reference": {}, - "hint": "", - "location": "dummy-ssh.demo-targets.svc", - "attributes": { - "hostname": "dummy-ssh.demo-targets.svc", - "ip_address": "10.102.131.102", - "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", - "ssh_version": 2, - "os_cpe": "o:canonical:ubuntu:16.04", - "ssh_lib_cpe": "a:openssh:openssh:7.2p2", - "compliance_policy": "Mozilla Modern", - "compliant": false, - "grade": "D", - "references": [ - "https://wiki.mozilla.org/Security/Guidelines/OpenSSH" - ], - "auth_methods": [ - "publickey", - "password" - ], - "key_algorithms": [ - "curve25519-sha256@libssh.org", - "ecdh-sha2-nistp256", - "ecdh-sha2-nistp384", - "ecdh-sha2-nistp521", - "diffie-hellman-group-exchange-sha256", - "diffie-hellman-group14-sha1" - ], - "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com" - ], - "mac_algorithms": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1" - ], - "compression_algorithms": [ - "none", - "zlib@openssh.com" - ] - }, - "id": "17ac9886-d083-4c58-8518-557aa3b38d2d" - }, - { - "name": "Insecure SSH Key Algorithms", - "description": "Deprecated / discouraged SSH key algorithms are used", - "category": "SSH Policy Violation", - "osi_layer": "NETWORK", - "severity": "MEDIUM", - "reference": {}, - "hint": "Remove these key exchange algorithms: diffie-hellman-group14-sha1", - "location": "dummy-ssh.demo-targets.svc", - "attributes": { - "hostname": "dummy-ssh.demo-targets.svc", - "ip_address": "10.102.131.102", - "payload": [ - "diffie-hellman-group14-sha1" - ] - }, - "id": "650c5ed1-00fb-44e3-933c-515dca4a1eda" - }, - { - "name": "Insecure SSH MAC Algorithms", - "description": "Deprecated / discouraged SSH MAC algorithms are used", - "category": "SSH Policy Violation", - "osi_layer": "NETWORK", - "severity": "MEDIUM", - "reference": {}, - "hint": "Remove these MAC algorithms: umac-64-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, hmac-sha1", - "location": "dummy-ssh.demo-targets.svc", - "attributes": { - "hostname": "dummy-ssh.demo-targets.svc", - "ip_address": "10.102.131.102", - "payload": [ - "umac-64-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "hmac-sha1" - ] - }, - "id": "5b681ed0-b509-400b-bb1e-ae839bb1b766" - }, - { - "name": "Discouraged SSH authentication methods", - "description": "Discouraged SSH authentication methods are used", - "category": "SSH Policy Violation", - "osi_layer": "NETWORK", - "severity": "MEDIUM", - "reference": {}, - "hint": "Remove these authentication methods: password", - "location": "dummy-ssh.demo-targets.svc", - "attributes": { - "hostname": "dummy-ssh.demo-targets.svc", - "ip_address": "10.102.131.102", - "payload": [ - "password" - ] - }, - "id": "4485916d-3747-4c16-a730-a9b1146dd9a2" - } + { + "name": "SSH Service", + "description": "SSH Service Information", + "category": "SSH Service", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "reference": {}, + "hint": "", + "location": "dummy-ssh.demo-targets.svc", + "attributes": + { + "hostname": "dummy-ssh.demo-targets.svc", + "ip_address": "10.102.131.102", + "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", + "ssh_version": 2, + "os_cpe": "o:canonical:ubuntu:16.04", + "ssh_lib_cpe": "a:openssh:openssh:7.2p2", + "compliance_policy": "Mozilla Modern", + "compliant": false, + "grade": "D", + "references": ["https://wiki.mozilla.org/Security/Guidelines/OpenSSH"], + "auth_methods": ["publickey", "password"], + "key_algorithms": + [ + "curve25519-sha256@libssh.org", + "ecdh-sha2-nistp256", + "ecdh-sha2-nistp384", + "ecdh-sha2-nistp521", + "diffie-hellman-group-exchange-sha256", + "diffie-hellman-group14-sha1", + ], + "encryption_algorithms": + [ + "chacha20-poly1305@openssh.com", + "aes128-ctr", + "aes192-ctr", + "aes256-ctr", + "aes128-gcm@openssh.com", + "aes256-gcm@openssh.com", + ], + "mac_algorithms": + [ + "umac-64-etm@openssh.com", + "umac-128-etm@openssh.com", + "hmac-sha2-256-etm@openssh.com", + "hmac-sha2-512-etm@openssh.com", + "hmac-sha1-etm@openssh.com", + "umac-64@openssh.com", + "umac-128@openssh.com", + "hmac-sha2-256", + "hmac-sha2-512", + "hmac-sha1", + ], + "compression_algorithms": ["none", "zlib@openssh.com"], + }, + "id": "17ac9886-d083-4c58-8518-557aa3b38d2d", + }, + { + "name": "Insecure SSH Key Algorithms", + "description": "Deprecated / discouraged SSH key algorithms are used", + "category": "SSH Policy Violation", + "osi_layer": "NETWORK", + "severity": "MEDIUM", + "reference": {}, + "hint": "Remove these key exchange algorithms: diffie-hellman-group14-sha1", + "location": "dummy-ssh.demo-targets.svc", + "attributes": + { + "hostname": "dummy-ssh.demo-targets.svc", + "ip_address": "10.102.131.102", + "payload": ["diffie-hellman-group14-sha1"], + }, + "id": "650c5ed1-00fb-44e3-933c-515dca4a1eda", + }, + { + "name": "Insecure SSH MAC Algorithms", + "description": "Deprecated / discouraged SSH MAC algorithms are used", + "category": "SSH Policy Violation", + "osi_layer": "NETWORK", + "severity": "MEDIUM", + "reference": {}, + "hint": "Remove these MAC algorithms: umac-64-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, hmac-sha1", + "location": "dummy-ssh.demo-targets.svc", + "attributes": + { + "hostname": "dummy-ssh.demo-targets.svc", + "ip_address": "10.102.131.102", + "payload": + [ + "umac-64-etm@openssh.com", + "hmac-sha1-etm@openssh.com", + "umac-64@openssh.com", + "hmac-sha1", + ], + }, + "id": "5b681ed0-b509-400b-bb1e-ae839bb1b766", + }, + { + "name": "Discouraged SSH authentication methods", + "description": "Discouraged SSH authentication methods are used", + "category": "SSH Policy Violation", + "osi_layer": "NETWORK", + "severity": "MEDIUM", + "reference": {}, + "hint": "Remove these authentication methods: password", + "location": "dummy-ssh.demo-targets.svc", + "attributes": + { + "hostname": "dummy-ssh.demo-targets.svc", + "ip_address": "10.102.131.102", + "payload": ["password"], + }, + "id": "4485916d-3747-4c16-a730-a9b1146dd9a2", + }, ] diff --git a/scanners/ssh-scan/examples/demo-app-ssh/ssh-scan-results.json b/scanners/ssh-scan/examples/demo-app-ssh/ssh-scan-results.json index 3b08c2b700..04bbbda605 100644 --- a/scanners/ssh-scan/examples/demo-app-ssh/ssh-scan-results.json +++ b/scanners/ssh-scan/examples/demo-app-ssh/ssh-scan-results.json @@ -58,24 +58,11 @@ "hmac-sha2-512", "hmac-sha1" ], - "compression_algorithms_client_to_server": [ - "none", - "zlib@openssh.com" - ], - "compression_algorithms_server_to_client": [ - "none", - "zlib@openssh.com" - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - "publickey", - "password" - ], + "compression_algorithms_client_to_server": ["none", "zlib@openssh.com"], + "compression_algorithms_server_to_client": ["none", "zlib@openssh.com"], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": ["publickey", "password"], "keys": { "rsa": { "raw": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDm2L8IYocSd9gmOCacv/W8rYTloYr3xqOiP65rdu1pqoRkhgdIe4KluDj3dor/cuPwl0W/E3v9eI5HJTJ0WfbPVUzNTDCoX+Fj4g2kdwGQdhePlYjfEBeLxze2cNK5bVP2ngjRAkhgDl9w0oQoFVAi4rpzvyu5xOO/YcmE0hMboQmAL5ckWxZNP3XPrEbxqUUzb1B5QU7oq2D8oh9o8WaLvTplssBH3ut/i7e4Tva2Y6d+lwlB4lep1Tat0sNyn8P5l5acprjA6CM4Dd2bd1mz/1L4hhX4bAx5fhuDGbM1OJvsLiDQx3Eic5q5iCrBFpjTs/4m4W3aLAo1jgXziMGv", @@ -105,12 +92,8 @@ } } }, - "dns_keys": [ - - ], - "duplicate_host_key_ips": [ - - ], + "dns_keys": [], + "duplicate_host_key_ips": [], "compliance": { "policy": "Mozilla Modern", "compliant": false, @@ -119,9 +102,7 @@ "Remove these MAC algorithms: umac-64-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, hmac-sha1", "Remove these authentication methods: password" ], - "references": [ - "https://wiki.mozilla.org/Security/Guidelines/OpenSSH" - ], + "references": ["https://wiki.mozilla.org/Security/Guidelines/OpenSSH"], "grade": "D" }, "start_time": "2020-06-28 17:55:43 +0000", diff --git a/scanners/ssh-scan/examples/localhost/findings.yaml b/scanners/ssh-scan/examples/localhost/findings.yaml index b7651b83c0..a08a9b2b58 100644 --- a/scanners/ssh-scan/examples/localhost/findings.yaml +++ b/scanners/ssh-scan/examples/localhost/findings.yaml @@ -14,50 +14,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": [ - - ], - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": [], + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:08 +0200", "scan_duration_seconds": 0.009147, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -70,48 +44,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.018145, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -124,48 +74,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.023781, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -178,48 +104,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.025497, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -232,48 +134,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.026574, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -286,48 +164,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.019285, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -340,48 +194,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.045999, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -394,48 +224,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.05908, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -448,48 +254,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.052545, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -502,48 +284,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.056765, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -556,48 +314,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.06131, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -610,48 +344,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.015576, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -664,48 +374,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.013597, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -718,48 +404,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.012137, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -772,48 +434,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.015068, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -826,48 +464,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.016027, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -880,48 +494,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:24 +0200", "end_time": "2020-05-18 14:16:29 +0200", "scan_duration_seconds": 5.014476, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -934,48 +524,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:24 +0200", "end_time": "2020-05-18 14:16:29 +0200", "scan_duration_seconds": 5.012788, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -988,48 +554,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:39 +0200", "end_time": "2020-05-18 14:16:44 +0200", "scan_duration_seconds": 5.026775, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1042,48 +584,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.004179, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1096,48 +614,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.011815, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1150,48 +644,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.015197, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1204,48 +674,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.020542, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1258,48 +704,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.023733, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1312,48 +734,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.009096, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1366,48 +764,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.011373, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1420,48 +794,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.021025, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1474,48 +824,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.013896, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1528,48 +854,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.01212, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1582,48 +884,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.015682, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1636,48 +914,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.024721, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1690,48 +944,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.018128, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1744,48 +974,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.016329, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1798,48 +1004,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.017229, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1852,48 +1034,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.013938, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1906,48 +1064,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.027029, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -1960,48 +1094,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.034224, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2014,48 +1124,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.039258, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2068,48 +1154,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.040982, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2122,48 +1184,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.00823, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2176,48 +1214,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.023171, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2230,48 +1244,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.013186, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2284,48 +1274,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.010377, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2338,48 +1304,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.014818, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2392,48 +1334,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.009808, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2446,48 +1364,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.017995, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2500,48 +1394,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.017735, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2554,48 +1424,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.019746, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2608,48 +1454,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.016963, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2662,48 +1484,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.009804, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2716,48 +1514,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.016983, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2770,48 +1544,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.01562, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2824,48 +1574,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.016326, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2878,48 +1604,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.017919, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2932,48 +1634,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.025453, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -2986,48 +1664,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.016805, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3040,48 +1694,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.020961, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3094,48 +1724,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.024436, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3148,48 +1754,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.021202, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3202,48 +1784,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.008501, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3256,48 +1814,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.010518, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3310,48 +1844,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.017385, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3364,48 +1874,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.017398, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3418,48 +1904,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.019877, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3472,48 +1934,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.012493, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3526,48 +1964,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.01596, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3580,48 +1994,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.036337, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3634,48 +2024,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.040029, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3688,48 +2054,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.034385, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3742,48 +2084,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.009505, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3796,48 +2114,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.012555, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3850,48 +2144,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.014005, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3904,48 +2174,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.01487, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -3958,48 +2204,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.015081, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4012,48 +2234,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.011196, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4066,48 +2264,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.00896, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4120,48 +2294,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.013573, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4174,48 +2324,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.015892, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4228,48 +2354,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.017638, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4282,48 +2384,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.014191, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4336,48 +2414,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.012209, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4390,48 +2444,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.015569, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4444,48 +2474,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.019266, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4498,48 +2504,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.019509, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4552,48 +2534,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.011426, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4606,48 +2564,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.008065, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4660,48 +2594,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.010373, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4714,48 +2624,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.011829, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4768,48 +2654,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.01201, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4822,48 +2684,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.011443, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4876,48 +2714,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.013181, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4930,48 +2744,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.009685, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -4984,48 +2774,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.014025, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5038,48 +2804,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.014552, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5092,48 +2834,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.014669, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5146,48 +2864,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.011557, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5200,48 +2894,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.014777, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5254,48 +2924,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.012769, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5308,48 +2954,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.015077, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5362,48 +2984,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.012724, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5416,48 +3014,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.020184, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5470,48 +3044,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.015805, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5524,48 +3074,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.013292, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5578,48 +3104,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.013342, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5632,48 +3134,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.009917, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5686,48 +3164,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.00777, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5740,48 +3194,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.009052, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5794,48 +3224,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.010297, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5848,48 +3254,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.007845, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5902,48 +3284,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.007212, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -5956,48 +3314,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.007011, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6010,48 +3344,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.010844, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6064,48 +3374,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.020804, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6118,48 +3404,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.011265, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6172,48 +3434,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.013889, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6226,48 +3464,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.011654, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6280,48 +3494,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.011695, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6334,48 +3524,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.012752, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6388,48 +3554,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.016228, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6442,48 +3584,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.007896, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6496,48 +3614,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.012671, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6550,48 +3644,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.01449, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6604,48 +3674,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.01353, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6658,48 +3704,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.02139, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6712,48 +3734,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.00722, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6766,48 +3764,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.008936, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6820,48 +3794,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010428, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6874,48 +3824,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010461, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6928,48 +3854,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010366, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -6982,48 +3884,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.004849, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7036,48 +3914,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.007421, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7090,48 +3944,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.010495, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7144,48 +3974,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.012477, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7198,48 +4004,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.009218, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7252,48 +4034,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.011404, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7306,48 +4064,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.009484, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7360,48 +4094,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.006623, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7414,48 +4124,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.009452, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7468,48 +4154,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.010617, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7522,48 +4184,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.007965, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7576,48 +4214,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.006987, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7630,48 +4244,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.005987, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7684,48 +4274,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.014419, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7738,48 +4304,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.01457, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7792,48 +4334,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.018359, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7846,48 +4364,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.017265, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7900,48 +4394,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.014736, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -7954,48 +4424,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.016781, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8008,48 +4454,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.018615, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8062,48 +4484,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009226, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8116,48 +4514,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009719, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8170,48 +4544,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.01229, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8224,48 +4574,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009089, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8278,48 +4604,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.008697, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8332,48 +4634,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.013729, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8386,48 +4664,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.021665, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8440,48 +4694,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.010501, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8494,48 +4724,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.009526, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8548,48 +4754,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.016848, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8602,48 +4784,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.013499, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8656,48 +4814,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.013188, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8710,48 +4844,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.012, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8764,48 +4874,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.01268, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8818,48 +4904,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.016068, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8872,48 +4934,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.009168, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8926,48 +4964,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.012193, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -8980,48 +4994,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.012495, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9034,48 +5024,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.010615, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9088,48 +5054,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.009718, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9142,48 +5084,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.013079, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9196,48 +5114,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.008909, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9250,48 +5144,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.012701, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9304,48 +5174,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.011254, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9358,48 +5204,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.011075, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9412,48 +5234,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008206, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9466,48 +5264,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008122, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9520,48 +5294,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008552, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9574,48 +5324,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.010205, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9628,48 +5354,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.009305, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9682,48 +5384,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.014749, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9736,48 +5414,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.009968, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9790,48 +5444,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.006475, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9844,48 +5474,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.009185, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9898,48 +5504,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.008749, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -9952,48 +5534,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.008611, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10006,48 +5564,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.007647, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10060,48 +5594,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.009199, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10114,48 +5624,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.007476, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10168,48 +5654,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.012679, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10220,50 +5682,26 @@ "ssh_version": "unknown", "os": "unknown", "os_cpe": "o:unknown", - "ssh_lib": "unknown", - "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.016178, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10276,48 +5714,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.013339, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10330,48 +5744,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.011069, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10384,48 +5774,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.01491, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10438,48 +5804,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.008301, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10492,48 +5834,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.007219, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10546,48 +5864,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.008252, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10600,48 +5894,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.013376, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10654,48 +5924,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.005473, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10708,48 +5954,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.009484, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10762,48 +5984,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.004647, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10816,48 +6014,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.015997, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10870,48 +6044,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.009858, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10924,48 +6074,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.009426, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -10978,48 +6104,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.011433, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11032,48 +6134,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.007592, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11086,48 +6164,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.014186, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11140,48 +6194,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.015063, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11194,48 +6224,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.011104, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11248,48 +6254,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.008299, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11302,48 +6284,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.006931, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11356,48 +6314,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.009133, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11410,48 +6344,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.007698, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11463,49 +6373,25 @@ "os": "unknown", "os_cpe": "o:unknown", "ssh_lib": "unknown", - "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.006834, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11518,48 +6404,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.009307, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11572,48 +6434,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.010224, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11626,48 +6464,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.017244, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11680,48 +6494,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.023908, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11734,48 +6524,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.022695, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11788,48 +6554,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.016382, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11842,48 +6584,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.012382, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11896,48 +6614,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.010582, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -11950,48 +6644,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.013688, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12004,48 +6674,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.02014, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12058,48 +6704,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.019114, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12112,48 +6734,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.010204, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12166,48 +6764,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.026513, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12220,48 +6794,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.015253, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12274,48 +6824,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.00897, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12328,48 +6854,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.012336, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12382,48 +6884,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.016242, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12436,48 +6914,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.009471, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12490,48 +6944,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.010296, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12544,48 +6974,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.008444, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12598,48 +7004,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.029963, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12652,48 +7034,24 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:19 +0200", "end_time": "2020-05-18 14:20:24 +0200", "scan_duration_seconds": 5.020419, - "error": "Socket is no longer valid" + "error": "Socket is no longer valid", }, { "ssh_scan_version": "0.0.42", @@ -12706,47 +7064,23 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:19 +0200", "end_time": "2020-05-18 14:20:24 +0200", "scan_duration_seconds": 5.009291, - "error": "Socket is no longer valid" - } + "error": "Socket is no longer valid", + }, ] diff --git a/scanners/ssh-scan/parser/__testFiles__/192.168.42.42.json b/scanners/ssh-scan/parser/__testFiles__/192.168.42.42.json index a3a3904d79..1b7e9925c1 100644 --- a/scanners/ssh-scan/parser/__testFiles__/192.168.42.42.json +++ b/scanners/ssh-scan/parser/__testFiles__/192.168.42.42.json @@ -58,31 +58,16 @@ "hmac-sha2-512", "hmac-sha1" ], - "compression_algorithms_client_to_server": [ - "none", - "zlib@openssh.com" - ], - "compression_algorithms_server_to_client": [ - "none", - "zlib@openssh.com" - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - "publickey", - "password" - ], + "compression_algorithms_client_to_server": ["none", "zlib@openssh.com"], + "compression_algorithms_server_to_client": ["none", "zlib@openssh.com"], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": ["publickey", "password"], "keys": { "removed_in_this_mock_file_for_space_reasons": true }, "dns_keys": null, - "duplicate_host_key_ips": [ - - ], + "duplicate_host_key_ips": [], "compliance": { "policy": "Mozilla Modern", "compliant": false, @@ -91,9 +76,7 @@ "Remove these MAC algorithms: umac-64-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, hmac-sha1", "Remove these authentication methods: password" ], - "references": [ - "https://wiki.mozilla.org/Security/Guidelines/OpenSSH" - ], + "references": ["https://wiki.mozilla.org/Security/Guidelines/OpenSSH"], "grade": "D" }, "start_time": "2019-10-03 18:37:10 +0200", diff --git a/scanners/ssh-scan/parser/__testFiles__/local-network.json b/scanners/ssh-scan/parser/__testFiles__/local-network.json index 02216ed26d..91b811134f 100644 --- a/scanners/ssh-scan/parser/__testFiles__/local-network.json +++ b/scanners/ssh-scan/parser/__testFiles__/local-network.json @@ -10,46 +10,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": [ - - ], - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": [], + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:08 +0200", "scan_duration_seconds": 0.009147, @@ -66,44 +40,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.018145, @@ -120,44 +70,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.023781, @@ -174,44 +100,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.025497, @@ -228,44 +130,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.026574, @@ -282,44 +160,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:08 +0200", "end_time": "2020-05-18 14:16:13 +0200", "scan_duration_seconds": 5.019285, @@ -336,44 +190,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.045999, @@ -390,44 +220,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.05908, @@ -444,44 +250,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.052545, @@ -498,44 +280,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.056765, @@ -552,44 +310,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:13 +0200", "end_time": "2020-05-18 14:16:19 +0200", "scan_duration_seconds": 5.06131, @@ -606,44 +340,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.015576, @@ -660,44 +370,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.013597, @@ -714,44 +400,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.012137, @@ -768,44 +430,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.015068, @@ -822,44 +460,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:19 +0200", "end_time": "2020-05-18 14:16:24 +0200", "scan_duration_seconds": 5.016027, @@ -876,44 +490,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:24 +0200", "end_time": "2020-05-18 14:16:29 +0200", "scan_duration_seconds": 5.014476, @@ -930,44 +520,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:24 +0200", "end_time": "2020-05-18 14:16:29 +0200", "scan_duration_seconds": 5.012788, @@ -984,44 +550,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:39 +0200", "end_time": "2020-05-18 14:16:44 +0200", "scan_duration_seconds": 5.026775, @@ -1038,44 +580,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.004179, @@ -1092,44 +610,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.011815, @@ -1146,44 +640,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.015197, @@ -1200,44 +670,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.020542, @@ -1254,44 +700,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:44 +0200", "end_time": "2020-05-18 14:16:49 +0200", "scan_duration_seconds": 5.023733, @@ -1308,44 +730,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.009096, @@ -1362,44 +760,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.011373, @@ -1416,44 +790,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.021025, @@ -1470,44 +820,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.013896, @@ -1524,44 +850,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:49 +0200", "end_time": "2020-05-18 14:16:54 +0200", "scan_duration_seconds": 5.01212, @@ -1578,44 +880,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.015682, @@ -1632,44 +910,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.024721, @@ -1686,44 +940,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.018128, @@ -1740,44 +970,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.016329, @@ -1794,44 +1000,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:54 +0200", "end_time": "2020-05-18 14:16:59 +0200", "scan_duration_seconds": 5.017229, @@ -1848,44 +1030,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.013938, @@ -1902,44 +1060,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.027029, @@ -1956,44 +1090,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.034224, @@ -2010,44 +1120,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.039258, @@ -2064,44 +1150,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:16:59 +0200", "end_time": "2020-05-18 14:17:04 +0200", "scan_duration_seconds": 5.040982, @@ -2118,44 +1180,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.00823, @@ -2172,44 +1210,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.023171, @@ -2226,44 +1240,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.013186, @@ -2280,44 +1270,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.010377, @@ -2334,44 +1300,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:04 +0200", "end_time": "2020-05-18 14:17:09 +0200", "scan_duration_seconds": 5.014818, @@ -2388,44 +1330,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.009808, @@ -2442,44 +1360,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.017995, @@ -2496,44 +1390,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.017735, @@ -2550,44 +1420,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.019746, @@ -2604,44 +1450,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:09 +0200", "end_time": "2020-05-18 14:17:14 +0200", "scan_duration_seconds": 5.016963, @@ -2658,44 +1480,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.009804, @@ -2712,44 +1510,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.016983, @@ -2766,44 +1540,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.01562, @@ -2820,44 +1570,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.016326, @@ -2874,44 +1600,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:14 +0200", "end_time": "2020-05-18 14:17:19 +0200", "scan_duration_seconds": 5.017919, @@ -2928,44 +1630,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.025453, @@ -2982,44 +1660,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.016805, @@ -3036,44 +1690,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.020961, @@ -3090,44 +1720,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.024436, @@ -3144,44 +1750,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:19 +0200", "end_time": "2020-05-18 14:17:24 +0200", "scan_duration_seconds": 5.021202, @@ -3198,44 +1780,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.008501, @@ -3252,44 +1810,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.010518, @@ -3306,44 +1840,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.017385, @@ -3360,44 +1870,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.017398, @@ -3414,44 +1900,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:24 +0200", "end_time": "2020-05-18 14:17:29 +0200", "scan_duration_seconds": 5.019877, @@ -3468,44 +1930,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.012493, @@ -3522,44 +1960,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.01596, @@ -3576,44 +1990,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.036337, @@ -3630,44 +2020,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.040029, @@ -3684,44 +2050,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:29 +0200", "end_time": "2020-05-18 14:17:34 +0200", "scan_duration_seconds": 5.034385, @@ -3738,44 +2080,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.009505, @@ -3792,44 +2110,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.012555, @@ -3846,44 +2140,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.014005, @@ -3900,44 +2170,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.01487, @@ -3954,44 +2200,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:34 +0200", "end_time": "2020-05-18 14:17:39 +0200", "scan_duration_seconds": 5.015081, @@ -4008,44 +2230,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.011196, @@ -4062,44 +2260,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.00896, @@ -4116,44 +2290,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.013573, @@ -4170,44 +2320,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.015892, @@ -4224,44 +2350,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:39 +0200", "end_time": "2020-05-18 14:17:44 +0200", "scan_duration_seconds": 5.017638, @@ -4278,44 +2380,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.014191, @@ -4332,44 +2410,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.012209, @@ -4386,44 +2440,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.015569, @@ -4440,44 +2470,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.019266, @@ -4494,44 +2500,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:44 +0200", "end_time": "2020-05-18 14:17:49 +0200", "scan_duration_seconds": 5.019509, @@ -4548,44 +2530,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.011426, @@ -4602,44 +2560,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.008065, @@ -4656,44 +2590,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.010373, @@ -4710,44 +2620,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.011829, @@ -4764,44 +2650,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:49 +0200", "end_time": "2020-05-18 14:17:54 +0200", "scan_duration_seconds": 5.01201, @@ -4818,44 +2680,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.011443, @@ -4872,44 +2710,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.013181, @@ -4926,44 +2740,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.009685, @@ -4980,44 +2770,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.014025, @@ -5034,44 +2800,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:54 +0200", "end_time": "2020-05-18 14:17:59 +0200", "scan_duration_seconds": 5.014552, @@ -5088,44 +2830,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.014669, @@ -5142,44 +2860,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.011557, @@ -5196,44 +2890,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.014777, @@ -5250,44 +2920,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.012769, @@ -5304,44 +2950,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:17:59 +0200", "end_time": "2020-05-18 14:18:04 +0200", "scan_duration_seconds": 5.015077, @@ -5358,44 +2980,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.012724, @@ -5412,44 +3010,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.020184, @@ -5466,44 +3040,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.015805, @@ -5520,44 +3070,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.013292, @@ -5574,44 +3100,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:04 +0200", "end_time": "2020-05-18 14:18:09 +0200", "scan_duration_seconds": 5.013342, @@ -5628,44 +3130,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.009917, @@ -5682,44 +3160,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.00777, @@ -5736,44 +3190,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.009052, @@ -5790,44 +3220,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.010297, @@ -5844,44 +3250,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:09 +0200", "end_time": "2020-05-18 14:18:14 +0200", "scan_duration_seconds": 5.007845, @@ -5898,44 +3280,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.007212, @@ -5952,44 +3310,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.007011, @@ -6006,44 +3340,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.010844, @@ -6060,44 +3370,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.020804, @@ -6114,44 +3400,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:14 +0200", "end_time": "2020-05-18 14:18:19 +0200", "scan_duration_seconds": 5.011265, @@ -6168,44 +3430,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.013889, @@ -6222,44 +3460,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.011654, @@ -6276,44 +3490,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.011695, @@ -6330,44 +3520,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.012752, @@ -6384,44 +3550,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:19 +0200", "end_time": "2020-05-18 14:18:24 +0200", "scan_duration_seconds": 5.016228, @@ -6438,44 +3580,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.007896, @@ -6492,44 +3610,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.012671, @@ -6546,44 +3640,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.01449, @@ -6600,44 +3670,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.01353, @@ -6654,44 +3700,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:24 +0200", "end_time": "2020-05-18 14:18:29 +0200", "scan_duration_seconds": 5.02139, @@ -6708,44 +3730,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.00722, @@ -6762,44 +3760,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.008936, @@ -6816,44 +3790,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010428, @@ -6870,44 +3820,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010461, @@ -6924,44 +3850,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:29 +0200", "end_time": "2020-05-18 14:18:34 +0200", "scan_duration_seconds": 5.010366, @@ -6978,44 +3880,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.004849, @@ -7032,44 +3910,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.007421, @@ -7086,44 +3940,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.010495, @@ -7140,44 +3970,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.012477, @@ -7194,44 +4000,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:34 +0200", "end_time": "2020-05-18 14:18:39 +0200", "scan_duration_seconds": 5.009218, @@ -7248,44 +4030,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.011404, @@ -7302,44 +4060,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.009484, @@ -7356,44 +4090,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.006623, @@ -7410,44 +4120,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.009452, @@ -7464,44 +4150,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:39 +0200", "end_time": "2020-05-18 14:18:44 +0200", "scan_duration_seconds": 5.010617, @@ -7518,44 +4180,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.007965, @@ -7572,44 +4210,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.006987, @@ -7626,44 +4240,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.005987, @@ -7680,44 +4270,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.014419, @@ -7734,44 +4300,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:44 +0200", "end_time": "2020-05-18 14:18:49 +0200", "scan_duration_seconds": 5.01457, @@ -7788,44 +4330,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.018359, @@ -7842,44 +4360,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.017265, @@ -7896,44 +4390,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.014736, @@ -7950,44 +4420,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.016781, @@ -8004,44 +4450,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:49 +0200", "end_time": "2020-05-18 14:18:54 +0200", "scan_duration_seconds": 5.018615, @@ -8058,44 +4480,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009226, @@ -8112,44 +4510,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009719, @@ -8166,44 +4540,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.01229, @@ -8220,44 +4570,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.009089, @@ -8274,44 +4600,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:54 +0200", "end_time": "2020-05-18 14:18:59 +0200", "scan_duration_seconds": 5.008697, @@ -8328,44 +4630,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.013729, @@ -8382,44 +4660,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.021665, @@ -8436,44 +4690,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.010501, @@ -8490,44 +4720,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.009526, @@ -8544,44 +4750,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:18:59 +0200", "end_time": "2020-05-18 14:19:04 +0200", "scan_duration_seconds": 5.016848, @@ -8598,44 +4780,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.013499, @@ -8652,44 +4810,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.013188, @@ -8706,44 +4840,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.012, @@ -8760,44 +4870,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.01268, @@ -8814,44 +4900,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:04 +0200", "end_time": "2020-05-18 14:19:09 +0200", "scan_duration_seconds": 5.016068, @@ -8868,44 +4930,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.009168, @@ -8922,44 +4960,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.012193, @@ -8976,44 +4990,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.012495, @@ -9030,44 +5020,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.010615, @@ -9084,44 +5050,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:09 +0200", "end_time": "2020-05-18 14:19:14 +0200", "scan_duration_seconds": 5.009718, @@ -9138,44 +5080,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.013079, @@ -9192,44 +5110,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.008909, @@ -9246,44 +5140,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.012701, @@ -9300,44 +5170,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.011254, @@ -9354,44 +5200,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:14 +0200", "end_time": "2020-05-18 14:19:19 +0200", "scan_duration_seconds": 5.011075, @@ -9408,44 +5230,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008206, @@ -9462,44 +5260,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008122, @@ -9516,44 +5290,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.008552, @@ -9570,44 +5320,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.010205, @@ -9624,44 +5350,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:19 +0200", "end_time": "2020-05-18 14:19:24 +0200", "scan_duration_seconds": 5.009305, @@ -9678,44 +5380,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.014749, @@ -9732,44 +5410,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.009968, @@ -9786,44 +5440,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.006475, @@ -9840,44 +5470,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.009185, @@ -9894,44 +5500,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:24 +0200", "end_time": "2020-05-18 14:19:29 +0200", "scan_duration_seconds": 5.008749, @@ -9948,44 +5530,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.008611, @@ -10002,44 +5560,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.007647, @@ -10056,44 +5590,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.009199, @@ -10110,44 +5620,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.007476, @@ -10164,44 +5650,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:29 +0200", "end_time": "2020-05-18 14:19:34 +0200", "scan_duration_seconds": 5.012679, @@ -10218,44 +5680,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.016178, @@ -10272,44 +5710,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.013339, @@ -10326,44 +5740,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.011069, @@ -10380,44 +5770,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.01491, @@ -10434,44 +5800,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:34 +0200", "end_time": "2020-05-18 14:19:39 +0200", "scan_duration_seconds": 5.008301, @@ -10488,44 +5830,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.007219, @@ -10542,44 +5860,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.008252, @@ -10596,44 +5890,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.013376, @@ -10650,44 +5920,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.005473, @@ -10704,44 +5950,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:39 +0200", "end_time": "2020-05-18 14:19:44 +0200", "scan_duration_seconds": 5.009484, @@ -10758,44 +5980,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.004647, @@ -10812,44 +6010,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.015997, @@ -10866,44 +6040,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.009858, @@ -10920,44 +6070,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.009426, @@ -10974,44 +6100,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:44 +0200", "end_time": "2020-05-18 14:19:49 +0200", "scan_duration_seconds": 5.011433, @@ -11028,44 +6130,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.007592, @@ -11082,44 +6160,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.014186, @@ -11136,44 +6190,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.015063, @@ -11190,44 +6220,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.011104, @@ -11244,44 +6250,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:49 +0200", "end_time": "2020-05-18 14:19:54 +0200", "scan_duration_seconds": 5.008299, @@ -11298,44 +6280,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.006931, @@ -11352,44 +6310,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.009133, @@ -11406,44 +6340,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.007698, @@ -11460,44 +6370,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.006834, @@ -11514,44 +6400,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:54 +0200", "end_time": "2020-05-18 14:19:59 +0200", "scan_duration_seconds": 5.009307, @@ -11568,44 +6430,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.010224, @@ -11622,44 +6460,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.017244, @@ -11676,44 +6490,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.023908, @@ -11730,44 +6520,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.022695, @@ -11784,44 +6550,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:19:59 +0200", "end_time": "2020-05-18 14:20:04 +0200", "scan_duration_seconds": 5.016382, @@ -11838,44 +6580,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.012382, @@ -11892,44 +6610,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.010582, @@ -11946,44 +6640,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.013688, @@ -12000,44 +6670,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.02014, @@ -12054,44 +6700,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:04 +0200", "end_time": "2020-05-18 14:20:09 +0200", "scan_duration_seconds": 5.019114, @@ -12108,44 +6730,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.010204, @@ -12162,44 +6760,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.026513, @@ -12216,44 +6790,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.015253, @@ -12270,44 +6820,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.00897, @@ -12324,44 +6850,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:09 +0200", "end_time": "2020-05-18 14:20:14 +0200", "scan_duration_seconds": 5.012336, @@ -12378,44 +6880,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.016242, @@ -12432,44 +6910,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.009471, @@ -12486,44 +6940,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.010296, @@ -12540,44 +6970,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.008444, @@ -12594,44 +7000,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:14 +0200", "end_time": "2020-05-18 14:20:19 +0200", "scan_duration_seconds": 5.029963, @@ -12648,44 +7030,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:19 +0200", "end_time": "2020-05-18 14:20:24 +0200", "scan_duration_seconds": 5.020419, @@ -12702,44 +7060,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": null, - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": null, + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2020-05-18 14:20:19 +0200", "end_time": "2020-05-18 14:20:24 +0200", "scan_duration_seconds": 5.009291, diff --git a/scanners/ssh-scan/parser/__testFiles__/localhost.json b/scanners/ssh-scan/parser/__testFiles__/localhost.json index 466a55183a..1e444b148b 100644 --- a/scanners/ssh-scan/parser/__testFiles__/localhost.json +++ b/scanners/ssh-scan/parser/__testFiles__/localhost.json @@ -10,46 +10,20 @@ "os_cpe": "o:unknown", "ssh_lib": "unknown", "ssh_lib_cpe": "a:unknown", - "key_algorithms": [ - - ], - "encryption_algorithms_client_to_server": [ - - ], - "encryption_algorithms_server_to_client": [ - - ], - "mac_algorithms_client_to_server": [ - - ], - "mac_algorithms_server_to_client": [ - - ], - "compression_algorithms_client_to_server": [ - - ], - "compression_algorithms_server_to_client": [ - - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - - ], - "keys": { - }, - "dns_keys": [ - - ], - "duplicate_host_key_ips": [ - - ], - "compliance": { - }, + "key_algorithms": [], + "encryption_algorithms_client_to_server": [], + "encryption_algorithms_server_to_client": [], + "mac_algorithms_client_to_server": [], + "mac_algorithms_server_to_client": [], + "compression_algorithms_client_to_server": [], + "compression_algorithms_server_to_client": [], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": [], + "keys": {}, + "dns_keys": [], + "duplicate_host_key_ips": [], + "compliance": {}, "start_time": "2019-10-03 18:27:45 +0200", "end_time": "2019-10-03 18:27:45 +0200", "scan_duration_seconds": 0.025856, diff --git a/scanners/ssh-scan/parser/__testFiles__/securecodebox.io.json b/scanners/ssh-scan/parser/__testFiles__/securecodebox.io.json index 2df2d4ccb5..601b107d51 100644 --- a/scanners/ssh-scan/parser/__testFiles__/securecodebox.io.json +++ b/scanners/ssh-scan/parser/__testFiles__/securecodebox.io.json @@ -58,32 +58,16 @@ "hmac-sha2-512", "hmac-sha1" ], - "compression_algorithms_client_to_server": [ - "none", - "zlib@openssh.com" - ], - "compression_algorithms_server_to_client": [ - "none", - "zlib@openssh.com" - ], - "languages_client_to_server": [ - - ], - "languages_server_to_client": [ - - ], - "auth_methods": [ - "publickey" - ], + "compression_algorithms_client_to_server": ["none", "zlib@openssh.com"], + "compression_algorithms_server_to_client": ["none", "zlib@openssh.com"], + "languages_client_to_server": [], + "languages_server_to_client": [], + "auth_methods": ["publickey"], "keys": { "removed_in_this_mock_file_for_space_reasons": true }, - "dns_keys": [ - - ], - "duplicate_host_key_ips": [ - - ], + "dns_keys": [], + "duplicate_host_key_ips": [], "compliance": { "policy": "Mozilla Modern", "compliant": false, @@ -91,9 +75,7 @@ "Remove these key exchange algorithms: diffie-hellman-group14-sha1", "Remove these MAC algorithms: umac-64-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, hmac-sha1" ], - "references": [ - "https://wiki.mozilla.org/Security/Guidelines/OpenSSH" - ], + "references": ["https://wiki.mozilla.org/Security/Guidelines/OpenSSH"], "grade": "C" }, "start_time": "2019-10-03 18:28:08 +0200", diff --git a/scanners/sslyze/cascading-rules/ftps.yaml b/scanners/sslyze/cascading-rules/ftps.yaml index 85524b5848..144c43ad54 100644 --- a/scanners/sslyze/cascading-rules/ftps.yaml +++ b/scanners/sslyze/cascading-rules/ftps.yaml @@ -27,5 +27,5 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=modern", "{{$.hostOrIP}}:{{attributes.port}}"] - + parameters: + ["--mozilla_config=modern", "{{$.hostOrIP}}:{{attributes.port}}"] diff --git a/scanners/sslyze/cascading-rules/https.yaml b/scanners/sslyze/cascading-rules/https.yaml index d0289b2c78..2fdf9b5b13 100644 --- a/scanners/sslyze/cascading-rules/https.yaml +++ b/scanners/sslyze/cascading-rules/https.yaml @@ -31,4 +31,5 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] + parameters: + ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] diff --git a/scanners/sslyze/cascading-rules/ldaps.yaml b/scanners/sslyze/cascading-rules/ldaps.yaml index fd46f630b4..9b2488300f 100644 --- a/scanners/sslyze/cascading-rules/ldaps.yaml +++ b/scanners/sslyze/cascading-rules/ldaps.yaml @@ -22,5 +22,5 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] - + parameters: + ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] diff --git a/scanners/sslyze/cascading-rules/mail.yaml b/scanners/sslyze/cascading-rules/mail.yaml index c293eccaf8..ce2230402c 100644 --- a/scanners/sslyze/cascading-rules/mail.yaml +++ b/scanners/sslyze/cascading-rules/mail.yaml @@ -27,7 +27,8 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] + parameters: + ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] --- apiVersion: "cascading.securecodebox.io/v1" kind: CascadingRule @@ -54,7 +55,8 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] + parameters: + ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] --- apiVersion: "cascading.securecodebox.io/v1" kind: CascadingRule @@ -81,4 +83,5 @@ spec: state: open scanSpec: scanType: "sslyze" - parameters: ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] + parameters: + ["--mozilla_config=intermediate", "{{$.hostOrIP}}:{{attributes.port}}"] diff --git a/scanners/sslyze/parser/__testFiles__/expired.badssl.com.json b/scanners/sslyze/parser/__testFiles__/expired.badssl.com.json index 1a6aa5ce67..1755653317 100644 --- a/scanners/sslyze/parser/__testFiles__/expired.badssl.com.json +++ b/scanners/sslyze/parser/__testFiles__/expired.badssl.com.json @@ -1,4829 +1,4826 @@ { - "date_scans_completed": "2021-12-28T12:21:27.539977", - "date_scans_started": "2021-12-28T12:20:45.594432", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "expired.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 0, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": "certificate has expired", - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "certificate has expired", - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "certificate has expired", - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "certificate has expired", - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "certificate has expired", - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFSzCCBDOgAwIBAgIQSueVSfqavj8QDxekeOFpCTANBgkqhkiG9w0BAQsFADCB\nkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\nA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV\nBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD\nQTAeFw0xNTA0MDkwMDAwMDBaFw0xNTA0MTIyMzU5NTlaMFkxITAfBgNVBAsTGERv\nbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2ls\nZGNhcmQxFTATBgNVBAMUDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2PmzA\nS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMWhyef\ndOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3AxPxT\nuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqveww9H\ndFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SYQCeF\nxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaOCAdUwggHRMB8GA1Ud\nIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBSd7sF7gQs6R2lx\nGH0RN5O8pRs/+zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE\nFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQIC\nBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAI\nBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5j\nb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCB\nhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2Nh\nLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0\nMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wIwYDVR0RBBww\nGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBq\nevHa/wMHcnjFZqFPRkMOXxQhjHUa6zbgH6QQFezaMyV8O7UKxwE4PSf9WNnM6i1p\nOXy+l+8L1gtY54x/v7NMHfO3kICmNnwUW+wHLQI+G1tjWxWrAPofOxkt3+IjEBEH\nfnJ/4r+3ABuYLyw/zoWaJ4wQIghBK4o+gk783SHGVnRwpDTysUCeK1iiWQ8dSO/r\nET7BSp68ZVVtxqPv1dSWzfGuJ/ekVxQ8lEEFeouhN0fX9X3c+s5vMaKwjOrMEpsi\n8TRwz311SotoKQwe6Zaoz7ASH1wq7mcvf71z81oBIgxw+s1F73hczg36TuHvzmWf\nRwxPuzZEaFZcVlmtqoq8\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "QEu9Lx9Mwv3u8Tqr3VI+9h8ccfM=", - "fingerprint_sha256": "uhBc4CusdoiOzuR81Ot5QWU+msmTthsus9zIIBTSG08=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=GB", - "value": "GB" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=Greater Manchester", - "value": "Greater Manchester" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Salford", - "value": "Salford" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=COMODO CA Limited", - "value": "COMODO CA Limited" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA", - "value": "COMODO RSA Domain Validation Secure Server CA" - } - ], - "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" - }, - "not_valid_after": "2015-04-12T23:59:59", - "not_valid_before": "2015-04-09T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 99565320202650452861752791156765321481, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Domain Control Validated", - "value": "Domain Control Validated" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=PositiveSSL Wildcard", - "value": "PositiveSSL Wildcard" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB\nhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\nA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV\nBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy\nMDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT\nEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR\nQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh\nbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP\nADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh\nbXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0\nQa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6\nytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51\nUHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n\nc13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY\nMBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz\n30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV\nHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG\nBmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv\nbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB\nAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E\nT1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v\nZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p\nmj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/\ne+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps\nP0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY\ndVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc\n2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG\nV/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4\nHyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX\nj4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII\n0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap\nlBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf\n+AZxAeKCINT+b72x\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "M5zdV8/VsUEWm2Ff8xQoeC0dpjk=", - "fingerprint_sha256": "AqtX5OZ6DLSN0v80gw6KxA9EdvsIymvj9c2Eb2RoQPA=", - "hpkp_pin": "klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=GB", - "value": "GB" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=Greater Manchester", - "value": "Greater Manchester" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Salford", - "value": "Salford" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=COMODO CA Limited", - "value": "COMODO CA Limited" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=COMODO RSA Certification Authority", - "value": "COMODO RSA Certification Authority" - } - ], - "rfc4514_string": "CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" - }, - "not_valid_after": "2029-02-11T23:59:59", - "not_valid_before": "2014-02-12T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 18021508317891126045114383893640587389787314988023771299021472384098480478916503597778296613150634219765052113517870635171403307225477983047468706279013651027886500159485348697094115927961850381525182009137128777951162358715158533528593200093291791323275973789174789209802980910482500744419318360338528025872227868058578212418244189425301367382232973595110901594292490129763308095314503250053957090379265992785603931784956681691284995547158646635183735467516188519673313343149548166538558424521681954529559978463371620234598058977077392872218941503229331579208118464720991080636709101634982701306129953489796945248933 - }, - "serial_number": 57397899145990363081023081275480378375, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=GB", - "value": "GB" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=Greater Manchester", - "value": "Greater Manchester" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Salford", - "value": "Salford" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=COMODO CA Limited", - "value": "COMODO CA Limited" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA", - "value": "COMODO RSA Domain Validation Secure Server CA" - } - ], - "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv\nMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk\nZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF\neHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow\ngYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\nBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD\nVQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq\nhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw\nAHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6\n2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr\nayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt\n4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq\nm1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/\nvOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT\n8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE\nIlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO\nKJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO\nGHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/\ns1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g\nJMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD\nAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9\nMDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy\nbmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6\nLy9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ\nzbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj\nJw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY\nUspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5\nB5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx\nPUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR\npu/xO28QOG8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "9a0LzBrVbNFQclschmwwrZLvIbA=", - "fingerprint_sha256": "TzLV3AD3FSUKvMSGUR439QGomd6zv36orbvTrvHEEto=", - "hpkp_pin": "grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=SE", - "value": "SE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=AddTrust AB", - "value": "AddTrust AB" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=AddTrust External TTP Network", - "value": "AddTrust External TTP Network" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=AddTrust External CA Root", - "value": "AddTrust External CA Root" - } - ], - "rfc4514_string": "CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE" - }, - "not_valid_after": "2020-05-30T10:48:38", - "not_valid_before": "2000-05-30T10:48:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 595250832037245141724642107398533641144111340640849154810839512193646804439589382557795096048235159392412856809181253983148280442751106836828767077478502910675291715965426418324395462826337195608826159904332409833532414343087397304684051488024083060971973988667565926401713702437407307790551210783180012029671811979458976709742365579736599681150756374332129237698142054260771585540729412505699671993111094681722253786369180597052805125225748672266569013967025850135765598233721214965171040686884703517711864518647963618102322884373894861238464186441528415873877499307554355231373646804211013770034465627350166153734933786011622475019872581027516832913754790596939102532587063612068091625752995700206528059096165261547017202283116886060219954285939324476288744352486373249118864714420341870384243932900936553074796547571643358129426474424573956572670213304441994994142333208766235762328926816055054634905252931414737971249889745696283503174642385591131856834241724878687870772321902051261453524679758731747154638983677185705464969589189761598154153383380395065347776922242683529305823609958629983678843126221186204478003285765580771286537570893899006127941280337699169761047271395591258462580922460487748761665926731923248227868312659 - }, - "serial_number": 52374340215108295845375962883522092578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=GB", - "value": "GB" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=Greater Manchester", - "value": "Greater Manchester" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Salford", - "value": "Salford" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=COMODO CA Limited", - "value": "COMODO CA Limited" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=COMODO RSA Certification Authority", - "value": "COMODO RSA Certification Authority" - } - ], - "rfc4514_string": "CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": null, - "received_chain_has_valid_order": true, - "verified_certificate_chain": null, - "verified_chain_has_legacy_symantec_anchor": null, - "verified_chain_has_sha1_signature": null - } - ], - "hostname_used_for_server_name_indication": "expired.badssl.com" + "date_scans_completed": "2021-12-28T12:21:27.539977", + "date_scans_started": "2021-12-28T12:20:45.594432", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "expired.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 0, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": "certificate has expired", + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 - } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 - } - ], - "supports_ecdh_key_exchange": true + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "certificate has expired", + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "certificate has expired", + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "certificate has expired", + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "certificate has expired", + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" + }, + "verified_certificate_chain": null, + "was_validation_successful": false + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFSzCCBDOgAwIBAgIQSueVSfqavj8QDxekeOFpCTANBgkqhkiG9w0BAQsFADCB\nkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\nA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV\nBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD\nQTAeFw0xNTA0MDkwMDAwMDBaFw0xNTA0MTIyMzU5NTlaMFkxITAfBgNVBAsTGERv\nbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2ls\nZGNhcmQxFTATBgNVBAMUDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2PmzA\nS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMWhyef\ndOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3AxPxT\nuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqveww9H\ndFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SYQCeF\nxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaOCAdUwggHRMB8GA1Ud\nIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBSd7sF7gQs6R2lx\nGH0RN5O8pRs/+zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE\nFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQIC\nBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAI\nBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5j\nb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCB\nhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2Nh\nLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0\nMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wIwYDVR0RBBww\nGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBq\nevHa/wMHcnjFZqFPRkMOXxQhjHUa6zbgH6QQFezaMyV8O7UKxwE4PSf9WNnM6i1p\nOXy+l+8L1gtY54x/v7NMHfO3kICmNnwUW+wHLQI+G1tjWxWrAPofOxkt3+IjEBEH\nfnJ/4r+3ABuYLyw/zoWaJ4wQIghBK4o+gk783SHGVnRwpDTysUCeK1iiWQ8dSO/r\nET7BSp68ZVVtxqPv1dSWzfGuJ/ekVxQ8lEEFeouhN0fX9X3c+s5vMaKwjOrMEpsi\n8TRwz311SotoKQwe6Zaoz7ASH1wq7mcvf71z81oBIgxw+s1F73hczg36TuHvzmWf\nRwxPuzZEaFZcVlmtqoq8\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "QEu9Lx9Mwv3u8Tqr3VI+9h8ccfM=", + "fingerprint_sha256": "uhBc4CusdoiOzuR81Ot5QWU+msmTthsus9zIIBTSG08=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=GB", + "value": "GB" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=Greater Manchester", + "value": "Greater Manchester" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Salford", + "value": "Salford" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=COMODO CA Limited", + "value": "COMODO CA Limited" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA", + "value": "COMODO RSA Domain Validation Secure Server CA" + } + ], + "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" + }, + "not_valid_after": "2015-04-12T23:59:59", + "not_valid_before": "2015-04-09T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 99565320202650452861752791156765321481, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Domain Control Validated", + "value": "Domain Control Validated" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=PositiveSSL Wildcard", + "value": "PositiveSSL Wildcard" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB\nhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\nA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV\nBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy\nMDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT\nEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR\nQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh\nbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP\nADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh\nbXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0\nQa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6\nytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51\nUHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n\nc13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY\nMBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz\n30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV\nHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG\nBmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv\nbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB\nAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E\nT1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v\nZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p\nmj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/\ne+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps\nP0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY\ndVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc\n2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG\nV/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4\nHyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX\nj4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII\n0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap\nlBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf\n+AZxAeKCINT+b72x\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "M5zdV8/VsUEWm2Ff8xQoeC0dpjk=", + "fingerprint_sha256": "AqtX5OZ6DLSN0v80gw6KxA9EdvsIymvj9c2Eb2RoQPA=", + "hpkp_pin": "klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=GB", + "value": "GB" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=Greater Manchester", + "value": "Greater Manchester" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Salford", + "value": "Salford" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=COMODO CA Limited", + "value": "COMODO CA Limited" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=COMODO RSA Certification Authority", + "value": "COMODO RSA Certification Authority" + } + ], + "rfc4514_string": "CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "not_valid_after": "2029-02-11T23:59:59", + "not_valid_before": "2014-02-12T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 18021508317891126045114383893640587389787314988023771299021472384098480478916503597778296613150634219765052113517870635171403307225477983047468706279013651027886500159485348697094115927961850381525182009137128777951162358715158533528593200093291791323275973789174789209802980910482500744419318360338528025872227868058578212418244189425301367382232973595110901594292490129763308095314503250053957090379265992785603931784956681691284995547158646635183735467516188519673313343149548166538558424521681954529559978463371620234598058977077392872218941503229331579208118464720991080636709101634982701306129953489796945248933 }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "serial_number": 57397899145990363081023081275480378375, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLvhBsFtwgwfM6dSvM4W9dZEsQIIaRhVhAKOKn8nok5URyguB3NLVSB+GxdNvtkRLk37sir2zfr7zHnm/u0/0Sk=", - "size": 256, - "type_name": "ECDH", - "x": "u+EGwW3CDB8zp1K8zhb11kSxAghpGFWEAo4qfyeiTlQ=", - "y": "RyguB3NLVSB+GxdNvtkRLk37sir2zfr7zHnm/u0/0Sk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BG70+hW83to6m8WFSv7oHVEJV5Jjl+3WQcSwdVH92V+OxPBUn+cfbMqdqwCSGM8UkbpOpvA1ewM7xIY1ebZxnUs=", - "size": 256, - "type_name": "ECDH", - "x": "bvT6Fbze2jqbxYVK/ugdUQlXkmOX7dZBxLB1Uf3ZX44=", - "y": "xPBUn+cfbMqdqwCSGM8UkbpOpvA1ewM7xIY1ebZxnUs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJF55LPrrmbc7uYWBEQ4NFHIJzSga18A18UEZa4r4eAav6R02foJM2KK+ZCtYHDJlnfEKV2jUK4Bf/yAlNL6WOI=", - "size": 256, - "type_name": "ECDH", - "x": "kXnks+uuZtzu5hYERDg0UcgnNKBrXwDXxQRlrivh4Bo=", - "y": "v6R02foJM2KK+ZCtYHDJlnfEKV2jUK4Bf/yAlNL6WOI=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "hnkXKKuJenQ2RwHbztIjDTg22yzSWwzYttlBvrndf9WhBPafbq7M670Zx0CUFC/EuvtHksruMJTustE3WJORRiEImPMWD64lJwlYAz8anUfu3fL1yGZe1uz6oLiHmfibAKSQ0PB8ReT7k4Q+N1Y7u9oWnB0otOnCJkkEtTwQ78oYsMqmhUSwqLTo90v8I+nBXGwMgc3l3QtvLApWoeYmAd4P3PuCS21+thwAnZfes7vW+pmMfvYUVRjc4GfquYEAxa0ZH4sWtXlZIVPzpf4+8YWUVAujd8cZM3yIgWCRRL5F0k/x1BxhRTY5N+qb1mSmLAXWxoHgqsFcjv5mcz7OsQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Ql0FqRJL6ZhqBWCV/7fw3FK+27mz+rJVWyuW5Z8x7OInB9v8d/+wnuWrXNDg393RSbhFCfKlZMULfKr79yAgEtkzIOIMdzcFWj/4tZJoL8Q/kVXEKkNzBYcZQygxOLG1bke7pIIF6ZakMHr5ypnPeb3voDvuwue4eDvWED8QE+nYcES3dbupMdXBFbrPfQO59P7q9KdP1s/sIJbEpcb6PnSeR9o7Oc6Bo3UGdLkOEc47MlAfMX3sVJkdDQcwXwAUwbISpv++AjgFunJakqpYmG0Xfvsd2TGIM4hVzZ5W80BaT2LIP3Xt9z7q2PHlCIUEYhq45Tloep5W4r+FCQAnzw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "EY10JTsuPIge1DrxR2ImFWpPmqT0Xw8CMXqUbC/C+BH0qcqL94BA1GSSepSv60oCG7upy4GBYdw9dCyIhtpa7oezadDL63N1AGwus99MHnV34qvTZP5zYYaEw+7107Pjk2Hv3dKU3FBRtEGIVBsrPqY7mbjpdNNh14OAGZEvhLlFoHpAHb9fCQgJ71R8i5tmfHd5g8+6d7yX1U0ZCzTqHbGYlimpIeKEDkuDugwt9+r79w08hrzuzBSAdqPUkG/Mp+Q5ROqroWYvEYflcF/KHoSoQAW4OzZtJFUFuTUggSV1G7j9dfyigE1XKe/OWbbraHuvzWszaYSnGEGi3W1OIw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "bT+ATl7+3y2SJ/BlnegYCSrkeiXFDSKcfqgz5v8VsRFZnwdQNPk+GpFvLmkAMK2hTuKhjx15pPWWE3XTzXEoiWR2iiTG5L8JEayvCbp9gWGD58at+JrQlHL2TLwMJZGW7wiGeoOVFwJUQCgo8avYgK5cNf1scb+NDT5xvH6P6R17hARBj0Qv8DQBu/AFSTaGz8YnwA57TabC5L2icW3MZRm+skBtM381wUpA1iE/+IGhVth2I2f2LgWm0fkMvIsn29QTfhjn7lT93iUbGDKKN6fO+YFtA7ZKw4NkzdDBQ0Nc9Z+yYnKxy/X1t4k2V10SukXEh130foMifIQA81hA0A==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" }, - "status": "COMPLETED" - }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BHpk+nCCDVVhxxH+txtM11AmL5huCb5NN2sfLAeoRxn3H2U5eyAcOZi0Ug9ddh5UOb/lKX6zQWS6nXf2TOf9ySM=", - "size": 256, - "type_name": "ECDH", - "x": "emT6cIINVWHHEf63G0zXUCYvmG4Jvk03ax8sB6hHGfc=", - "y": "H2U5eyAcOZi0Ug9ddh5UOb/lKX6zQWS6nXf2TOf9ySM=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BE0rUepmIujOQ/I6XQpqL/2B+L/8d1i8ypkauvQIrt5SOWnDS91gCdj6P7jr7LwCKPIGbVndeTb1LNmNGBM/WLs=", - "size": 256, - "type_name": "ECDH", - "x": "TStR6mYi6M5D8jpdCmov/YH4v/x3WLzKmRq69Aiu3lI=", - "y": "OWnDS91gCdj6P7jr7LwCKPIGbVndeTb1LNmNGBM/WLs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJQ39t5/xh6wYHss3nXyOoH0uN+fdVYnWX7OKxhRRBJwHE9lqqF5GXE1gAE6Iq4U7wYQ028JK0RaDMM3I3DBtKg=", - "size": 256, - "type_name": "ECDH", - "x": "lDf23n/GHrBgeyzedfI6gfS43591VidZfs4rGFFEEnA=", - "y": "HE9lqqF5GXE1gAE6Iq4U7wYQ028JK0RaDMM3I3DBtKg=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "sMQRA2RA9MOm3P1S7mSRyS+gcLPJRpf4E7xDiQOwLXpAdyPrX92pbj1jhccn4ZV/vI7jMa4qbV71RFnAOVjs+4ttwKFfy1/w4OiaFK3pfA2ju1i8NuzuaLc34L4BCF3f50aN/u4rFYE2ntzgf56f2ICnVpWWcWlIc09AwpXi3I9gIBDEoDFqWjfLgvrVxK+/KIq7wJbrP7eLVcht8d6seYYxv2Z2nhLKZgr8T+T1ubIVeoIHTWzV9vN5FvvYvgUEoqkD6xp0FD0XPDnrWFBkcm5WwN1H99EmMmIMhxskTHCVGalkWC+qGzAnvy2Z+2B1nYpPDISUIsS8QHf7xyRz2A==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "IuE+vywBbTd/ZfSeIl8Sb3Dv+7bGNZ0tOL5tygQitUmDwk5wd7otfldo9PY9luhI5i/IjS4zN5mbmwn3J6uIMdQ95LdCB+9h16ZCBUsW3BILHk88+PKVy5o7l587cGhxXVqpsKnf5qi2YJF/TNilR7gZDp1ryDZVCWBULqxf5cv7jCXw/8aH/CRNujCCQLDrkGqy45peEuaL1m36wucjaWA8w5cb16OhVC6dQ34Kx6O8BF3Q6/BMpkSpUyXAbqaQatuxia67lUE0f1LFoCS6OojXfJjAb7NmJcF61sYIZ3YoDUT2ZgZwoRwouAQJkFHjWJ8CZFl/oq4eUTap2trU7g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "FkOz2y14+w3N0Gya2HBHRqv05u0ChpuBE/XQGz6J7mrsYHoksdVtfC7N+2B5NqCtx3TEcYKYHojXeElgW6n/Zxg0ZRkSr1E8Nuy4SvElAS9xVQXHszb0JwzbBBXU5Yw1UR0uYAQyGY1ip/P88C9sI8A3ww5+/eb2avt2raxdtYzb/t1uu/pxLy74s1ygy38MtD1Bq0L+zQOSAryLdRvVIVyOdJyCSqntN1bLNYl8qEmRV7uaArV76mYfFL5tntvOdhItMIq8wmKwMjQmNSM9T8s9OGK+MAXyzqQIgv5OBoncE+93V1ocbCekE5+8fqGgx6loli9Z0MX3v6r+a0dO+g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "lS9AZuRZttoaYel45plQPwrbruWWzOg9UKiJIrRTxE5AhTM78gd6BJ/OEsvUqiBYQMktbtSPt13Z7jMaNd2VpiwQDMfOPrpkrNDLTX0fOpV0m6rVpEmQfqRcmSaeYPXmdeUjHqSUdflQseD1w1OihAKmKBevhJx57/R3ItSA6+YAWMwwzP5gh2GHVuktj5Upoc7b6C53CAeSSuQ1doG5yAR4bcsFLHJxAZXeMe21atsIstF5C/dcd9gpA6o8y0j29tzvS/ShvV0+ATCnqmKHAyswMqjiBuJrXsh9+fw4L0J2inxBTHTEwVjljUVjL38GxM3x+GpLlaY4O6gXUUewoQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=GB", + "value": "GB" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=Greater Manchester", + "value": "Greater Manchester" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Salford", + "value": "Salford" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=COMODO CA Limited", + "value": "COMODO CA Limited" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA", + "value": "COMODO RSA Domain Validation Secure Server CA" + } + ], + "rfc4514_string": "CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" }, - "status": "COMPLETED" - }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKkxhYCdIYJ8JAzkcFM0dNljDQ9FmY6Plc3YlooYszYwX9/2frpTtVaKvSY374OtCDmjvifJBwBi7oI0sTZHLRg=", - "size": 256, - "type_name": "ECDH", - "x": "qTGFgJ0hgnwkDORwUzR02WMND0WZjo+VzdiWihizNjA=", - "y": "X9/2frpTtVaKvSY374OtCDmjvifJBwBi7oI0sTZHLRg=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BFos5xBGV2MYzys7gsmreIrtcJ6/I6Qinmn50b2/IrXHs2hPIUwQks7EAOI6MBxRxmTiXblvH4ilIpV06vuXHSU=", - "size": 256, - "type_name": "ECDH", - "x": "WiznEEZXYxjPKzuCyat4iu1wnr8jpCKeafnRvb8itcc=", - "y": "s2hPIUwQks7EAOI6MBxRxmTiXblvH4ilIpV06vuXHSU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCWd4VHuwJ8tAWpV7QkRIz4NucuUWTAbAbRKwZtTaxPuJTDRgtTJYuaSb++q6wQ62W7MTdFHRnz6R1kBl8ukpMs=", - "size": 256, - "type_name": "ECDH", - "x": "JZ3hUe7Any0BalXtCREjPg25y5RZMBsBtErBm1NrE+4=", - "y": "JTDRgtTJYuaSb++q6wQ62W7MTdFHRnz6R1kBl8ukpMs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BIBq9LgHjJo+XwTMM0ULwdvQnKcaXHeuAUpAU2MGupIdCy3RdbEe/jQWfNYHUyYb2fpXSmRb+Im9ej3kyycfVsU=", - "size": 256, - "type_name": "ECDH", - "x": "gGr0uAeMmj5fBMwzRQvB29Ccpxpcd64BSkBTYwa6kh0=", - "y": "Cy3RdbEe/jQWfNYHUyYb2fpXSmRb+Im9ej3kyycfVsU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BAAXU5KV2aEx0pqj2VoGU86Q1DtBkE1OAeiCd0uOG7WPF6fAPJeTdf17xH5rEympZnK440VH34UJGmoXkz/Y43Q=", - "size": 256, - "type_name": "ECDH", - "x": "F1OSldmhMdKao9laBlPOkNQ7QZBNTgHogndLjhu1jw==", - "y": "F6fAPJeTdf17xH5rEympZnK440VH34UJGmoXkz/Y43Q=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BBGBy7rMgGmzg4rgS8SN9pmHmsuNBzZMNIcg+qFmDSr+3eIbjBMXWX2zm9PS0vf6Pa2hWP0QdctpUFf2OPQlziI=", - "size": 256, - "type_name": "ECDH", - "x": "EYHLusyAabODiuBLxI32mYeay40HNkw0hyD6oWYNKv4=", - "y": "3eIbjBMXWX2zm9PS0vf6Pa2hWP0QdctpUFf2OPQlziI=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDKzBbTOl8NEkMbOII9Se36pq0FWb9uaGXB5hDyNsPmvXPSbU7JwlDy/XYi9YYknzcyRCCk+oD8XCP3c7ytJ5ig=", - "size": 256, - "type_name": "ECDH", - "x": "MrMFtM6Xw0SQxs4gj1J7fqmrQVZv25oZcHmEPI2w+a8=", - "y": "XPSbU7JwlDy/XYi9YYknzcyRCCk+oD8XCP3c7ytJ5ig=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "YIgwOvLMjYOg5kDwH1yx0SUe5S9SsFV1gLXcljKfyJHRHD6p04QlOLFXvTMYmA9YNw3hnRQbkK8Rc4j4AZ4uqNw7OYmG1YFHTSUH+leDDpaAI1jh2vosRIi8aIlMwca3PxHXz3H9zbOvls4OvXSgq+jQTWpf9zjfT77oDwISQSIoxCgzj2WLm1ZtZLKcV77PxS3DbiNbbpiIF/r8psKslRHJtjOys5rgHW2GKPcrCX9urD2Up0yE09qHGIOuWsKpGmDWueOOBcusJdoR4F/WosWXIoaulCpcot06eBf0w1pd/mkvmiMHTYNudLiYyCo1K2BPp0H0SuCovEdQbBbOwg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "sKjMRrE+L8xX6lQZiikB64SK9vJgj0Nah8ESrbl/35ymeNPg0EqVk7f8lrWfw7chis5J1/yuHAwHZZJw+bp6vyK/muZIJ8ecGI+ClzY51aLKcs34DclerGYhzfET+nwt06W5qET0fqMfmaEV9JTWQwnAiFZrgt6doyLX2sxMaIUmUQQum9Ki7x9IusiTBnpjlYfDZ4k5xcvwKPwZlZ5O3yCR/mdYzTmWIicAcWWeJha3ZDnFcquXWkUJyE+uk5OgEp9niMHGAWN+J/d67cMr0AbP4bV5qkdZXaMCtsOLtwAUOHRAENQnAqanUJ+VXUgCqwJiTluy7zqXK/d+48EKQQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "t8w1faQ+NIO62dATQkXBe6796aMbqohFdzcLMGVJyEFqYwqBzXcTQReItadCJBgmpHnC7AgUO0Z1xbYxGFc2Aw3oGLCtodrP5oE3aXNRR5PHMWyevoL/++qnQ3X13Tgl+TcwR0iiyQgTONYlnj8dSHVpD/K5IPKYSTCODBiCmTEOk5RFjGAS6jqTYg/iF/ssKZCwFla0XjOIbXbKqjJRvreNcqiYmIaDKtY2o+MDCQ+QSool2A2O9d9t0LNAUlk7wt6xag64V9P4yqbiUtY2llOSJC+K3tktfxrRQ9r4/jn0aL/71oEcvhedYBWMMfgZNNhxrHP65ssOLFi410zXbQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Ma2JY2Kc6O3F7QyB9i0JPcZcO5b7mhcprSoU0nDvuYLf9kx+AGIiHZtl9eT+Y23Tp2nmVhHVs7L4EuvXwIYvrYDpdAQmnWp8LAlSKDoh8g1N7mFgF8AerGNzCzt/71s3mpywA0CfF9OpowoQ5rimYXE3D1OqwGJ7XJ+VcGGpL9XSRdaatwUOGBYL4VOtGHsqGFy4ivQmrQntILmWA/6GUg1PhsEaUTVV4QmMjBFbkN80HRe+hb3AItoXNsRe9fqlx+QQ19wtw9ZoxOono75fTmwidZsqMatBaSPsQS0aJEG3n7C6h/y8hczBM0tFikrXSI5NZ+O3AmIQylbV7b+mgg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "iGTjMCFcc/PJaVDjXjn8x3Gnw5+IJkIVNGqMWwu71Kzsa/Fjm7TlnFeu0RPflidcdyAVny+pjH5E/UDff/Q3sYQ/vEpHRGCWkm8GRHEo6jo6ZB73GKlDtSfsibwwvUqNmYK0/78yCdJxrxG3T2cuLKfJCdyggIpV00oEew+OoqdfbrxiwNGH0lZLIh2WBIyWz+SgTcHuXPKkKaoQzUF+oe5f4bLEpDLWvhrRVXEYHhgyy9AQiTTDEHOECLUX33YGZoNc2UxmL0dgMGK259lUQGJujWiBxcmE2NwHaPq7qH+esgpvKi8P+MkAtHVWpdQkbkCysFfYtDHzrfSnyDTBfw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "j4AvQyY+Uplt94y+5HOiCUQoDckxWuurMRAdvJhAcaO/4jZffpe1gtk95pjm0IBlQeimjkgF41lVUcouSnmxvDzHayx5sa8M10QKFBBHrhFDy9UFDWGk13uc0NkRyEV0xlaVtp1mrotwPZ2tu+dMkCKeGXu7TxuIuLTMVI4fayIpCfOE3o/pYFqmQ93tkN8zUHYMl+XLdiv3cMKvc+Beuxu9DOkJMdPpQD8EFWBDgqsBLmKUVrT1S0tKHZrGotG0B6xG1dyGUwHQIuaVL8oOii1XN36E9C89iro6iUmMvCP2pV1Sx43Exn+HoJzFbvFA3GCQMWtebXpzxgSLzYjhQg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "M9yExOk0AhXADYFrA1XKN8g7vvxaNs0K5Sa2kypueWJabmKRwM2HAcSCQyLtCx3mVKhx8P/28sjsDOIAgjnM7SGwIa2kbUvYbW6pz5B5pd2WkfQrRCj5X/faOeE1mBuuPKCVdR6z/XYLvkXY5trH2QSsMzPwQa3VaRwOqiT47ubN/z+OCssCoFR6WsThHIwaSMpghse8jEQLvJYdsuxl0eTw3Ynj0bVEIvRa+Bl9y0RIi0QgFvlDv1CoQIIujw3Y9LxGoaRTOuHI2/nyNzSgf2JW+dqa3I7IKALXSVJXpV1MFhll9ZGQKrEasSFlrmydwAs5ol+fgipw1jlNagPNFA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "lwur4gIP9h+mQumyWpcAQs1El2kwcNfB3ICOpEqVJ3JysjgF4igIELHgQcOgrymPTUkbdl1oZ2aoA5YDVpCuOCpO7equdyZghoMBbKRhy4c1k4HodKwtTK5XO8Z2JAeX3OX2iUAPxxURQJH+JAh+rhcuBK5eo9AdySMWz5OYb0kPjteqM5sawXyLBgJAPRnwMlXGbC3S6Sb1M/wBpIS3OltSxC6ALXdItuaLPOUCV7XLtOKJCsj2RD2sCZnBXP4h5Sajhqj5xFzAd+akV2iFLRRnHAk0DENFlkWTg7F0oodn+MkN2NCVddBczk0nD+NU14xC5idiH+0xYcgbHfx4Fg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv\nMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk\nZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF\neHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow\ngYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\nBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD\nVQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq\nhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw\nAHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6\n2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr\nayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt\n4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq\nm1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/\nvOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT\n8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE\nIlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO\nKJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO\nGHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/\ns1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g\nJMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD\nAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9\nMDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy\nbmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6\nLy9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ\nzbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj\nJw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY\nUspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5\nB5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx\nPUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR\npu/xO28QOG8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "9a0LzBrVbNFQclschmwwrZLvIbA=", + "fingerprint_sha256": "TzLV3AD3FSUKvMSGUR439QGomd6zv36orbvTrvHEEto=", + "hpkp_pin": "grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=SE", + "value": "SE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=AddTrust AB", + "value": "AddTrust AB" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=AddTrust External TTP Network", + "value": "AddTrust External TTP Network" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=AddTrust External CA Root", + "value": "AddTrust External CA Root" + } + ], + "rfc4514_string": "CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE" }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" + "not_valid_after": "2020-05-30T10:48:38", + "not_valid_before": "2000-05-30T10:48:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 595250832037245141724642107398533641144111340640849154810839512193646804439589382557795096048235159392412856809181253983148280442751106836828767077478502910675291715965426418324395462826337195608826159904332409833532414343087397304684051488024083060971973988667565926401713702437407307790551210783180012029671811979458976709742365579736599681150756374332129237698142054260771585540729412505699671993111094681722253786369180597052805125225748672266569013967025850135765598233721214965171040686884703517711864518647963618102322884373894861238464186441528415873877499307554355231373646804211013770034465627350166153734933786011622475019872581027516832913754790596939102532587063612068091625752995700206528059096165261547017202283116886060219954285939324476288744352486373249118864714420341870384243932900936553074796547571643358129426474424573956572670213304441994994142333208766235762328926816055054634905252931414737971249889745696283503174642385591131856834241724878687870772321902051261453524679758731747154638983677185705464969589189761598154153383380395065347776922242683529305823609958629983678843126221186204478003285765580771286537570893899006127941280337699169761047271395591258462580922460487748761665926731923248227868312659 }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false + "serial_number": 52374340215108295845375962883522092578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" }, - "status": "COMPLETED" + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=GB", + "value": "GB" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=Greater Manchester", + "value": "Greater Manchester" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Salford", + "value": "Salford" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=COMODO CA Limited", + "value": "COMODO CA Limited" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=COMODO RSA Certification Authority", + "value": "COMODO RSA Certification Authority" + } + ], + "rfc4514_string": "CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": null, + "received_chain_has_valid_order": true, + "verified_certificate_chain": null, + "verified_chain_has_legacy_symantec_anchor": null, + "verified_chain_has_sha1_signature": null + } + ], + "hostname_used_for_server_name_indication": "expired.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLvhBsFtwgwfM6dSvM4W9dZEsQIIaRhVhAKOKn8nok5URyguB3NLVSB+GxdNvtkRLk37sir2zfr7zHnm/u0/0Sk=", + "size": 256, + "type_name": "ECDH", + "x": "u+EGwW3CDB8zp1K8zhb11kSxAghpGFWEAo4qfyeiTlQ=", + "y": "RyguB3NLVSB+GxdNvtkRLk37sir2zfr7zHnm/u0/0Sk=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BG70+hW83to6m8WFSv7oHVEJV5Jjl+3WQcSwdVH92V+OxPBUn+cfbMqdqwCSGM8UkbpOpvA1ewM7xIY1ebZxnUs=", + "size": 256, + "type_name": "ECDH", + "x": "bvT6Fbze2jqbxYVK/ugdUQlXkmOX7dZBxLB1Uf3ZX44=", + "y": "xPBUn+cfbMqdqwCSGM8UkbpOpvA1ewM7xIY1ebZxnUs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJF55LPrrmbc7uYWBEQ4NFHIJzSga18A18UEZa4r4eAav6R02foJM2KK+ZCtYHDJlnfEKV2jUK4Bf/yAlNL6WOI=", + "size": 256, + "type_name": "ECDH", + "x": "kXnks+uuZtzu5hYERDg0UcgnNKBrXwDXxQRlrivh4Bo=", + "y": "v6R02foJM2KK+ZCtYHDJlnfEKV2jUK4Bf/yAlNL6WOI=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "hnkXKKuJenQ2RwHbztIjDTg22yzSWwzYttlBvrndf9WhBPafbq7M670Zx0CUFC/EuvtHksruMJTustE3WJORRiEImPMWD64lJwlYAz8anUfu3fL1yGZe1uz6oLiHmfibAKSQ0PB8ReT7k4Q+N1Y7u9oWnB0otOnCJkkEtTwQ78oYsMqmhUSwqLTo90v8I+nBXGwMgc3l3QtvLApWoeYmAd4P3PuCS21+thwAnZfes7vW+pmMfvYUVRjc4GfquYEAxa0ZH4sWtXlZIVPzpf4+8YWUVAujd8cZM3yIgWCRRL5F0k/x1BxhRTY5N+qb1mSmLAXWxoHgqsFcjv5mcz7OsQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Ql0FqRJL6ZhqBWCV/7fw3FK+27mz+rJVWyuW5Z8x7OInB9v8d/+wnuWrXNDg393RSbhFCfKlZMULfKr79yAgEtkzIOIMdzcFWj/4tZJoL8Q/kVXEKkNzBYcZQygxOLG1bke7pIIF6ZakMHr5ypnPeb3voDvuwue4eDvWED8QE+nYcES3dbupMdXBFbrPfQO59P7q9KdP1s/sIJbEpcb6PnSeR9o7Oc6Bo3UGdLkOEc47MlAfMX3sVJkdDQcwXwAUwbISpv++AjgFunJakqpYmG0Xfvsd2TGIM4hVzZ5W80BaT2LIP3Xt9z7q2PHlCIUEYhq45Tloep5W4r+FCQAnzw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "EY10JTsuPIge1DrxR2ImFWpPmqT0Xw8CMXqUbC/C+BH0qcqL94BA1GSSepSv60oCG7upy4GBYdw9dCyIhtpa7oezadDL63N1AGwus99MHnV34qvTZP5zYYaEw+7107Pjk2Hv3dKU3FBRtEGIVBsrPqY7mbjpdNNh14OAGZEvhLlFoHpAHb9fCQgJ71R8i5tmfHd5g8+6d7yX1U0ZCzTqHbGYlimpIeKEDkuDugwt9+r79w08hrzuzBSAdqPUkG/Mp+Q5ROqroWYvEYflcF/KHoSoQAW4OzZtJFUFuTUggSV1G7j9dfyigE1XKe/OWbbraHuvzWszaYSnGEGi3W1OIw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "bT+ATl7+3y2SJ/BlnegYCSrkeiXFDSKcfqgz5v8VsRFZnwdQNPk+GpFvLmkAMK2hTuKhjx15pPWWE3XTzXEoiWR2iiTG5L8JEayvCbp9gWGD58at+JrQlHL2TLwMJZGW7wiGeoOVFwJUQCgo8avYgK5cNf1scb+NDT5xvH6P6R17hARBj0Qv8DQBu/AFSTaGz8YnwA57TabC5L2icW3MZRm+skBtM381wUpA1iE/+IGhVth2I2f2LgWm0fkMvIsn29QTfhjn7lT93iUbGDKKN6fO+YFtA7ZKw4NkzdDBQ0Nc9Z+yYnKxy/X1t4k2V10SukXEh130foMifIQA81hA0A==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BHpk+nCCDVVhxxH+txtM11AmL5huCb5NN2sfLAeoRxn3H2U5eyAcOZi0Ug9ddh5UOb/lKX6zQWS6nXf2TOf9ySM=", + "size": 256, + "type_name": "ECDH", + "x": "emT6cIINVWHHEf63G0zXUCYvmG4Jvk03ax8sB6hHGfc=", + "y": "H2U5eyAcOZi0Ug9ddh5UOb/lKX6zQWS6nXf2TOf9ySM=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BE0rUepmIujOQ/I6XQpqL/2B+L/8d1i8ypkauvQIrt5SOWnDS91gCdj6P7jr7LwCKPIGbVndeTb1LNmNGBM/WLs=", + "size": 256, + "type_name": "ECDH", + "x": "TStR6mYi6M5D8jpdCmov/YH4v/x3WLzKmRq69Aiu3lI=", + "y": "OWnDS91gCdj6P7jr7LwCKPIGbVndeTb1LNmNGBM/WLs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJQ39t5/xh6wYHss3nXyOoH0uN+fdVYnWX7OKxhRRBJwHE9lqqF5GXE1gAE6Iq4U7wYQ028JK0RaDMM3I3DBtKg=", + "size": 256, + "type_name": "ECDH", + "x": "lDf23n/GHrBgeyzedfI6gfS43591VidZfs4rGFFEEnA=", + "y": "HE9lqqF5GXE1gAE6Iq4U7wYQ028JK0RaDMM3I3DBtKg=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "sMQRA2RA9MOm3P1S7mSRyS+gcLPJRpf4E7xDiQOwLXpAdyPrX92pbj1jhccn4ZV/vI7jMa4qbV71RFnAOVjs+4ttwKFfy1/w4OiaFK3pfA2ju1i8NuzuaLc34L4BCF3f50aN/u4rFYE2ntzgf56f2ICnVpWWcWlIc09AwpXi3I9gIBDEoDFqWjfLgvrVxK+/KIq7wJbrP7eLVcht8d6seYYxv2Z2nhLKZgr8T+T1ubIVeoIHTWzV9vN5FvvYvgUEoqkD6xp0FD0XPDnrWFBkcm5WwN1H99EmMmIMhxskTHCVGalkWC+qGzAnvy2Z+2B1nYpPDISUIsS8QHf7xyRz2A==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "IuE+vywBbTd/ZfSeIl8Sb3Dv+7bGNZ0tOL5tygQitUmDwk5wd7otfldo9PY9luhI5i/IjS4zN5mbmwn3J6uIMdQ95LdCB+9h16ZCBUsW3BILHk88+PKVy5o7l587cGhxXVqpsKnf5qi2YJF/TNilR7gZDp1ryDZVCWBULqxf5cv7jCXw/8aH/CRNujCCQLDrkGqy45peEuaL1m36wucjaWA8w5cb16OhVC6dQ34Kx6O8BF3Q6/BMpkSpUyXAbqaQatuxia67lUE0f1LFoCS6OojXfJjAb7NmJcF61sYIZ3YoDUT2ZgZwoRwouAQJkFHjWJ8CZFl/oq4eUTap2trU7g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "FkOz2y14+w3N0Gya2HBHRqv05u0ChpuBE/XQGz6J7mrsYHoksdVtfC7N+2B5NqCtx3TEcYKYHojXeElgW6n/Zxg0ZRkSr1E8Nuy4SvElAS9xVQXHszb0JwzbBBXU5Yw1UR0uYAQyGY1ip/P88C9sI8A3ww5+/eb2avt2raxdtYzb/t1uu/pxLy74s1ygy38MtD1Bq0L+zQOSAryLdRvVIVyOdJyCSqntN1bLNYl8qEmRV7uaArV76mYfFL5tntvOdhItMIq8wmKwMjQmNSM9T8s9OGK+MAXyzqQIgv5OBoncE+93V1ocbCekE5+8fqGgx6loli9Z0MX3v6r+a0dO+g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "lS9AZuRZttoaYel45plQPwrbruWWzOg9UKiJIrRTxE5AhTM78gd6BJ/OEsvUqiBYQMktbtSPt13Z7jMaNd2VpiwQDMfOPrpkrNDLTX0fOpV0m6rVpEmQfqRcmSaeYPXmdeUjHqSUdflQseD1w1OihAKmKBevhJx57/R3ItSA6+YAWMwwzP5gh2GHVuktj5Upoc7b6C53CAeSSuQ1doG5yAR4bcsFLHJxAZXeMe21atsIstF5C/dcd9gpA6o8y0j29tzvS/ShvV0+ATCnqmKHAyswMqjiBuJrXsh9+fw4L0J2inxBTHTEwVjljUVjL38GxM3x+GpLlaY4O6gXUUewoQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKkxhYCdIYJ8JAzkcFM0dNljDQ9FmY6Plc3YlooYszYwX9/2frpTtVaKvSY374OtCDmjvifJBwBi7oI0sTZHLRg=", + "size": 256, + "type_name": "ECDH", + "x": "qTGFgJ0hgnwkDORwUzR02WMND0WZjo+VzdiWihizNjA=", + "y": "X9/2frpTtVaKvSY374OtCDmjvifJBwBi7oI0sTZHLRg=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BFos5xBGV2MYzys7gsmreIrtcJ6/I6Qinmn50b2/IrXHs2hPIUwQks7EAOI6MBxRxmTiXblvH4ilIpV06vuXHSU=", + "size": 256, + "type_name": "ECDH", + "x": "WiznEEZXYxjPKzuCyat4iu1wnr8jpCKeafnRvb8itcc=", + "y": "s2hPIUwQks7EAOI6MBxRxmTiXblvH4ilIpV06vuXHSU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCWd4VHuwJ8tAWpV7QkRIz4NucuUWTAbAbRKwZtTaxPuJTDRgtTJYuaSb++q6wQ62W7MTdFHRnz6R1kBl8ukpMs=", + "size": 256, + "type_name": "ECDH", + "x": "JZ3hUe7Any0BalXtCREjPg25y5RZMBsBtErBm1NrE+4=", + "y": "JTDRgtTJYuaSb++q6wQ62W7MTdFHRnz6R1kBl8ukpMs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BIBq9LgHjJo+XwTMM0ULwdvQnKcaXHeuAUpAU2MGupIdCy3RdbEe/jQWfNYHUyYb2fpXSmRb+Im9ej3kyycfVsU=", + "size": 256, + "type_name": "ECDH", + "x": "gGr0uAeMmj5fBMwzRQvB29Ccpxpcd64BSkBTYwa6kh0=", + "y": "Cy3RdbEe/jQWfNYHUyYb2fpXSmRb+Im9ej3kyycfVsU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BAAXU5KV2aEx0pqj2VoGU86Q1DtBkE1OAeiCd0uOG7WPF6fAPJeTdf17xH5rEympZnK440VH34UJGmoXkz/Y43Q=", + "size": 256, + "type_name": "ECDH", + "x": "F1OSldmhMdKao9laBlPOkNQ7QZBNTgHogndLjhu1jw==", + "y": "F6fAPJeTdf17xH5rEympZnK440VH34UJGmoXkz/Y43Q=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BBGBy7rMgGmzg4rgS8SN9pmHmsuNBzZMNIcg+qFmDSr+3eIbjBMXWX2zm9PS0vf6Pa2hWP0QdctpUFf2OPQlziI=", + "size": 256, + "type_name": "ECDH", + "x": "EYHLusyAabODiuBLxI32mYeay40HNkw0hyD6oWYNKv4=", + "y": "3eIbjBMXWX2zm9PS0vf6Pa2hWP0QdctpUFf2OPQlziI=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDKzBbTOl8NEkMbOII9Se36pq0FWb9uaGXB5hDyNsPmvXPSbU7JwlDy/XYi9YYknzcyRCCk+oD8XCP3c7ytJ5ig=", + "size": 256, + "type_name": "ECDH", + "x": "MrMFtM6Xw0SQxs4gj1J7fqmrQVZv25oZcHmEPI2w+a8=", + "y": "XPSbU7JwlDy/XYi9YYknzcyRCCk+oD8XCP3c7ytJ5ig=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "YIgwOvLMjYOg5kDwH1yx0SUe5S9SsFV1gLXcljKfyJHRHD6p04QlOLFXvTMYmA9YNw3hnRQbkK8Rc4j4AZ4uqNw7OYmG1YFHTSUH+leDDpaAI1jh2vosRIi8aIlMwca3PxHXz3H9zbOvls4OvXSgq+jQTWpf9zjfT77oDwISQSIoxCgzj2WLm1ZtZLKcV77PxS3DbiNbbpiIF/r8psKslRHJtjOys5rgHW2GKPcrCX9urD2Up0yE09qHGIOuWsKpGmDWueOOBcusJdoR4F/WosWXIoaulCpcot06eBf0w1pd/mkvmiMHTYNudLiYyCo1K2BPp0H0SuCovEdQbBbOwg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "sKjMRrE+L8xX6lQZiikB64SK9vJgj0Nah8ESrbl/35ymeNPg0EqVk7f8lrWfw7chis5J1/yuHAwHZZJw+bp6vyK/muZIJ8ecGI+ClzY51aLKcs34DclerGYhzfET+nwt06W5qET0fqMfmaEV9JTWQwnAiFZrgt6doyLX2sxMaIUmUQQum9Ki7x9IusiTBnpjlYfDZ4k5xcvwKPwZlZ5O3yCR/mdYzTmWIicAcWWeJha3ZDnFcquXWkUJyE+uk5OgEp9niMHGAWN+J/d67cMr0AbP4bV5qkdZXaMCtsOLtwAUOHRAENQnAqanUJ+VXUgCqwJiTluy7zqXK/d+48EKQQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "t8w1faQ+NIO62dATQkXBe6796aMbqohFdzcLMGVJyEFqYwqBzXcTQReItadCJBgmpHnC7AgUO0Z1xbYxGFc2Aw3oGLCtodrP5oE3aXNRR5PHMWyevoL/++qnQ3X13Tgl+TcwR0iiyQgTONYlnj8dSHVpD/K5IPKYSTCODBiCmTEOk5RFjGAS6jqTYg/iF/ssKZCwFla0XjOIbXbKqjJRvreNcqiYmIaDKtY2o+MDCQ+QSool2A2O9d9t0LNAUlk7wt6xag64V9P4yqbiUtY2llOSJC+K3tktfxrRQ9r4/jn0aL/71oEcvhedYBWMMfgZNNhxrHP65ssOLFi410zXbQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Ma2JY2Kc6O3F7QyB9i0JPcZcO5b7mhcprSoU0nDvuYLf9kx+AGIiHZtl9eT+Y23Tp2nmVhHVs7L4EuvXwIYvrYDpdAQmnWp8LAlSKDoh8g1N7mFgF8AerGNzCzt/71s3mpywA0CfF9OpowoQ5rimYXE3D1OqwGJ7XJ+VcGGpL9XSRdaatwUOGBYL4VOtGHsqGFy4ivQmrQntILmWA/6GUg1PhsEaUTVV4QmMjBFbkN80HRe+hb3AItoXNsRe9fqlx+QQ19wtw9ZoxOono75fTmwidZsqMatBaSPsQS0aJEG3n7C6h/y8hczBM0tFikrXSI5NZ+O3AmIQylbV7b+mgg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "expired.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "70e17747-bb8b-4807-937d-7c03a9f6a7fe" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "iGTjMCFcc/PJaVDjXjn8x3Gnw5+IJkIVNGqMWwu71Kzsa/Fjm7TlnFeu0RPflidcdyAVny+pjH5E/UDff/Q3sYQ/vEpHRGCWkm8GRHEo6jo6ZB73GKlDtSfsibwwvUqNmYK0/78yCdJxrxG3T2cuLKfJCdyggIpV00oEew+OoqdfbrxiwNGH0lZLIh2WBIyWz+SgTcHuXPKkKaoQzUF+oe5f4bLEpDLWvhrRVXEYHhgyy9AQiTTDEHOECLUX33YGZoNc2UxmL0dgMGK259lUQGJujWiBxcmE2NwHaPq7qH+esgpvKi8P+MkAtHVWpdQkbkCysFfYtDHzrfSnyDTBfw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "j4AvQyY+Uplt94y+5HOiCUQoDckxWuurMRAdvJhAcaO/4jZffpe1gtk95pjm0IBlQeimjkgF41lVUcouSnmxvDzHayx5sa8M10QKFBBHrhFDy9UFDWGk13uc0NkRyEV0xlaVtp1mrotwPZ2tu+dMkCKeGXu7TxuIuLTMVI4fayIpCfOE3o/pYFqmQ93tkN8zUHYMl+XLdiv3cMKvc+Beuxu9DOkJMdPpQD8EFWBDgqsBLmKUVrT1S0tKHZrGotG0B6xG1dyGUwHQIuaVL8oOii1XN36E9C89iro6iUmMvCP2pV1Sx43Exn+HoJzFbvFA3GCQMWtebXpzxgSLzYjhQg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "M9yExOk0AhXADYFrA1XKN8g7vvxaNs0K5Sa2kypueWJabmKRwM2HAcSCQyLtCx3mVKhx8P/28sjsDOIAgjnM7SGwIa2kbUvYbW6pz5B5pd2WkfQrRCj5X/faOeE1mBuuPKCVdR6z/XYLvkXY5trH2QSsMzPwQa3VaRwOqiT47ubN/z+OCssCoFR6WsThHIwaSMpghse8jEQLvJYdsuxl0eTw3Ynj0bVEIvRa+Bl9y0RIi0QgFvlDv1CoQIIujw3Y9LxGoaRTOuHI2/nyNzSgf2JW+dqa3I7IKALXSVJXpV1MFhll9ZGQKrEasSFlrmydwAs5ol+fgipw1jlNagPNFA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "lwur4gIP9h+mQumyWpcAQs1El2kwcNfB3ICOpEqVJ3JysjgF4igIELHgQcOgrymPTUkbdl1oZ2aoA5YDVpCuOCpO7equdyZghoMBbKRhy4c1k4HodKwtTK5XO8Z2JAeX3OX2iUAPxxURQJH+JAh+rhcuBK5eo9AdySMWz5OYb0kPjteqM5sawXyLBgJAPRnwMlXGbC3S6Sb1M/wBpIS3OltSxC6ALXdItuaLPOUCV7XLtOKJCsj2RD2sCZnBXP4h5Sajhqj5xFzAd+akV2iFLRRnHAk0DENFlkWTg7F0oodn+MkN2NCVddBczk0nD+NU14xC5idiH+0xYcgbHfx4Fg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "expired.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "70e17747-bb8b-4807-937d-7c03a9f6a7fe" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/google.com.json b/scanners/sslyze/parser/__testFiles__/google.com.json index f0de6670e9..2304e7e8c5 100644 --- a/scanners/sslyze/parser/__testFiles__/google.com.json +++ b/scanners/sslyze/parser/__testFiles__/google.com.json @@ -1,10089 +1,10089 @@ { - "date_scans_completed": "2021-12-22T12:52:44.657908", - "date_scans_started": "2021-12-22T12:52:27.272408", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "TLS_AES_256_GCM_SHA384", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_3", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "google.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 2, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", - "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T00:00:42", - "not_valid_before": "2020-06-19T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 159159747900478145820483398898491642637, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "sbyWi9T0nWIqqJqB8hUBUqQdgpw=", - "fingerprint_sha256": "69QQQOS7PsdCyeOB0x7ypBpItmhclufO88HfbNQzHJk=", - "hpkp_pin": "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T12:00:00", - "not_valid_before": "1998-09-01T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27527298331346624659307815003393871405544020859223571253338520804765223430982458246098772321151941672961640627675186276205051526242643378100158885513217742058056466168392650055013100104849176312294167242041140310435772026717601763184706480259485212806902223894888566729634266984619221168862421838192203495151893762216777748330129909588210203299778581898175320882908371930984451809054509645379277309791084909705758372477320893336152882629891014286744815684371510751674825920204180490258122986862539585201934155220945732937830308834387108046657005363452071776396707181283143463213972159925612976006433949563180335468751 - }, - "serial_number": 4835703278459707669005204, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", - "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T00:00:42", - "not_valid_before": "2020-06-19T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 159159747900478145820483398898491642637, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", - "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", - "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:22:32", - "not_valid_before": "2021-11-29T02:22:33", - "public_key": { - "algorithm": "_EllipticCurvePublicKey", - "ec_curve_name": "secp256r1", - "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, - "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, - "key_size": 256, - "rsa_e": null, - "rsa_n": null - }, - "serial_number": 333285949074278727503634643736840240434, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false - }, - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 2, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", - "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T00:00:42", - "not_valid_before": "2020-06-19T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 159159747900478145820483398898491642637, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "sbyWi9T0nWIqqJqB8hUBUqQdgpw=", - "fingerprint_sha256": "69QQQOS7PsdCyeOB0x7ypBpItmhclufO88HfbNQzHJk=", - "hpkp_pin": "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T12:00:00", - "not_valid_before": "1998-09-01T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27527298331346624659307815003393871405544020859223571253338520804765223430982458246098772321151941672961640627675186276205051526242643378100158885513217742058056466168392650055013100104849176312294167242041140310435772026717601763184706480259485212806902223894888566729634266984619221168862421838192203495151893762216777748330129909588210203299778581898175320882908371930984451809054509645379277309791084909705758372477320893336152882629891014286744815684371510751674825920204180490258122986862539585201934155220945732937830308834387108046657005363452071776396707181283143463213972159925612976006433949563180335468751 - }, - "serial_number": 4835703278459707669005204, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", - "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=BE", - "value": "BE" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=GlobalSign nv-sa", - "value": "GlobalSign nv-sa" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=Root CA", - "value": "Root CA" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GlobalSign Root CA", - "value": "GlobalSign Root CA" - } - ], - "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" - }, - "not_valid_after": "2028-01-28T00:00:42", - "not_valid_before": "2020-06-19T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 159159747900478145820483398898491642637, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", - "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", - "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2022-02-21T02:21:39", - "not_valid_before": "2021-11-29T02:21:40", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 - }, - "serial_number": 159411829818832564016018738286296431893, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.google.com", - "value": "*.google.com" - } - ], - "rfc4514_string": "CN=*.google.com" - }, - "subject_alternative_name": { - "dns": [ - "*.google.com", - "*.appengine.google.com", - "*.bdn.dev", - "*.cloud.google.com", - "*.crowdsource.google.com", - "*.datacompute.google.com", - "*.google.ca", - "*.google.cl", - "*.google.co.in", - "*.google.co.jp", - "*.google.co.uk", - "*.google.com.ar", - "*.google.com.au", - "*.google.com.br", - "*.google.com.co", - "*.google.com.mx", - "*.google.com.tr", - "*.google.com.vn", - "*.google.de", - "*.google.es", - "*.google.fr", - "*.google.hu", - "*.google.it", - "*.google.nl", - "*.google.pl", - "*.google.pt", - "*.googleadapis.com", - "*.googleapis.cn", - "*.googlevideo.com", - "*.gstatic.cn", - "*.gstatic-cn.com", - "googlecnapps.cn", - "*.googlecnapps.cn", - "googleapps-cn.com", - "*.googleapps-cn.com", - "gkecnapps.cn", - "*.gkecnapps.cn", - "googledownloads.cn", - "*.googledownloads.cn", - "recaptcha.net.cn", - "*.recaptcha.net.cn", - "widevine.cn", - "*.widevine.cn", - "ampproject.org.cn", - "*.ampproject.org.cn", - "ampproject.net.cn", - "*.ampproject.net.cn", - "google-analytics-cn.com", - "*.google-analytics-cn.com", - "googleadservices-cn.com", - "*.googleadservices-cn.com", - "googlevads-cn.com", - "*.googlevads-cn.com", - "googleapis-cn.com", - "*.googleapis-cn.com", - "googleoptimize-cn.com", - "*.googleoptimize-cn.com", - "doubleclick-cn.net", - "*.doubleclick-cn.net", - "*.fls.doubleclick-cn.net", - "*.g.doubleclick-cn.net", - "doubleclick.cn", - "*.doubleclick.cn", - "*.fls.doubleclick.cn", - "*.g.doubleclick.cn", - "dartsearch-cn.net", - "*.dartsearch-cn.net", - "googletraveladservices-cn.com", - "*.googletraveladservices-cn.com", - "googletagservices-cn.com", - "*.googletagservices-cn.com", - "googletagmanager-cn.com", - "*.googletagmanager-cn.com", - "googlesyndication-cn.com", - "*.googlesyndication-cn.com", - "*.safeframe.googlesyndication-cn.com", - "app-measurement-cn.com", - "*.app-measurement-cn.com", - "gvt1-cn.com", - "*.gvt1-cn.com", - "gvt2-cn.com", - "*.gvt2-cn.com", - "2mdn-cn.net", - "*.2mdn-cn.net", - "googleflights-cn.net", - "*.googleflights-cn.net", - "admob-cn.com", - "*.admob-cn.com", - "*.gstatic.com", - "*.metric.gstatic.com", - "*.gvt1.com", - "*.gcpcdn.gvt1.com", - "*.gvt2.com", - "*.gcp.gvt2.com", - "*.url.google.com", - "*.youtube-nocookie.com", - "*.ytimg.com", - "android.com", - "*.android.com", - "*.flash.android.com", - "g.cn", - "*.g.cn", - "g.co", - "*.g.co", - "goo.gl", - "www.goo.gl", - "google-analytics.com", - "*.google-analytics.com", - "google.com", - "googlecommerce.com", - "*.googlecommerce.com", - "ggpht.cn", - "*.ggpht.cn", - "urchin.com", - "*.urchin.com", - "youtu.be", - "youtube.com", - "*.youtube.com", - "youtubeeducation.com", - "*.youtubeeducation.com", - "youtubekids.com", - "*.youtubekids.com", - "yt.be", - "*.yt.be", - "android.clients.google.com", - "developer.android.google.cn", - "developers.android.google.cn", - "source.android.google.cn" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", - "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", - "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2027-09-30T00:00:42", - "not_valid_before": "2020-08-13T00:00:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 - }, - "serial_number": 159612451717983579589660725350, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS CA 1C3", - "value": "GTS CA 1C3" - } - ], - "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", - "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", - "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "not_valid_after": "2036-06-22T00:00:00", - "not_valid_before": "2016-06-22T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 - }, - "serial_number": 146587175971765017618439757810265552097, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.12", - "name": "sha384WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 48, - "name": "sha384" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Google Trust Services LLC", - "value": "Google Trust Services LLC" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=GTS Root R1", - "value": "GTS Root R1" - } - ], - "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false + "date_scans_completed": "2021-12-22T12:52:44.657908", + "date_scans_started": "2021-12-22T12:52:27.272408", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "TLS_AES_256_GCM_SHA384", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_3", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "google.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 2, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "hostname_used_for_server_name_indication": "google.com" + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "supported_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "prime256v1", - "openssl_nid": 415 + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "supports_ecdh_key_exchange": true + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", + "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T00:00:42", + "not_valid_before": "2020-06-19T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 159159747900478145820483398898491642637, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "sbyWi9T0nWIqqJqB8hUBUqQdgpw=", + "fingerprint_sha256": "69QQQOS7PsdCyeOB0x7ypBpItmhclufO88HfbNQzHJk=", + "hpkp_pin": "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T12:00:00", + "not_valid_before": "1998-09-01T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27527298331346624659307815003393871405544020859223571253338520804765223430982458246098772321151941672961640627675186276205051526242643378100158885513217742058056466168392650055013100104849176312294167242041140310435772026717601763184706480259485212806902223894888566729634266984619221168862421838192203495151893762216777748330129909588210203299778581898175320882908371930984451809054509645379277309791084909705758372477320893336152882629891014286744815684371510751674825920204180490258122986862539585201934155220945732937830308834387108046657005363452071776396707181283143463213972159925612976006433949563180335468751 + }, + "serial_number": 4835703278459707669005204, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server interrupted the TLS handshake" + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", + "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T00:00:42", + "not_valid_before": "2020-06-19T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 159159747900478145820483398898491642637, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIINsjCCDJqgAwIBAgIRAPq8ife/MxCUCgAAAAEl/TIwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\nTEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjExMTI5MDIyMjMzWhcNMjIwMjIx\nMDIyMjMyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq\nhkjOPQMBBwNCAAShwtJ0zDJohmgYDI9a4Sxu+2c8JyYLtfnS/wdyRoIXUchfFuyr\nWO+bwp1BW6Fkauoqu0LeDXO8oysHN8gba4Vdo4ILkzCCC48wDgYDVR0PAQH/BAQD\nAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE\nFAQOcJ1gEZcBGw5+crGZ5Sj3KeByMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG\nFPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au\ncGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw\nby9jZXJ0cy9ndHMxYzMuZGVyMIIJQgYDVR0RBIIJOTCCCTWCDCouZ29vZ2xlLmNv\nbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdv\nb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0\nZS5nb29nbGUuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xl\nLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xl\nLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29v\nZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyou\nZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2ds\nZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5n\nb29nbGUucGyCCyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29v\nZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5n\nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5j\nboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNu\nYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5n\nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hh\nLm5ldC5jboILd2lkZXZpbmUuY26CDSoud2lkZXZpbmUuY26CEWFtcHByb2plY3Qu\nb3JnLmNughMqLmFtcHByb2plY3Qub3JnLmNughFhbXBwcm9qZWN0Lm5ldC5jboIT\nKi5hbXBwcm9qZWN0Lm5ldC5jboIXZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CGSou\nZ29vZ2xlLWFuYWx5dGljcy1jbi5jb22CF2dvb2dsZWFkc2VydmljZXMtY24uY29t\nghkqLmdvb2dsZWFkc2VydmljZXMtY24uY29tghFnb29nbGV2YWRzLWNuLmNvbYIT\nKi5nb29nbGV2YWRzLWNuLmNvbYIRZ29vZ2xlYXBpcy1jbi5jb22CEyouZ29vZ2xl\nYXBpcy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRp\nbWl6ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1j\nbi5uZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNr\nLWNuLm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxz\nLmRvdWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gt\nY24ubmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZp\nY2VzLWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29v\nZ2xldGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNv\nbYIXZ29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1j\nbi5jb22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNv\nbYIWYXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24u\nY29tggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSou\nZ3Z0Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVm\nbGlnaHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIMYWRtb2ItY24u\nY29tgg4qLmFkbW9iLWNuLmNvbYINKi5nc3RhdGljLmNvbYIUKi5tZXRyaWMuZ3N0\nYXRpYy5jb22CCiouZ3Z0MS5jb22CESouZ2NwY2RuLmd2dDEuY29tggoqLmd2dDIu\nY29tgg4qLmdjcC5ndnQyLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYIWKi55b3V0dWJl\nLW5vY29va2llLmNvbYILKi55dGltZy5jb22CC2FuZHJvaWQuY29tgg0qLmFuZHJv\naWQuY29tghMqLmZsYXNoLmFuZHJvaWQuY29tggRnLmNuggYqLmcuY26CBGcuY2+C\nBiouZy5jb4IGZ29vLmdsggp3d3cuZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNv\nbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29t\nbWVyY2UuY29tghQqLmdvb2dsZWNvbW1lcmNlLmNvbYIIZ2dwaHQuY26CCiouZ2dw\naHQuY26CCnVyY2hpbi5jb22CDCoudXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1\nYmUuY29tgg0qLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55\nb3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVr\naWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUu\nY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CHGRldmVsb3BlcnMuYW5k\ncm9pZC5nb29nbGUuY26CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jbjAhBgNVHSAE\nGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\ndHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RcUZ4Ymk5TTQ4Yy5jcmwwggEFBgor\nBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZc\nJV3HhAAAAX1pt0b0AAAEAwBIMEYCIQC1x9lAp2IZtthi0mxfjtSDXCR714tElKsl\nM61c4kJv/gIhAJPjgGFY5XBnQSaV/jHFfoRcbksMU+lruflT+sfvLLqcAHYAQcjK\nsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9abdHmAAABAMARzBFAiEA\nhzUCqPYG77z0wZUE3y2DmZhTaStBB9BMVBfYSQmYTogCIHbA8hBzj6kjpaw57Zid\ntP5Dz5Zli2xOJQB+W4s15tI8MA0GCSqGSIb3DQEBCwUAA4IBAQB2aorYRKwUQJI2\n80q1y1Q2Z8c6pem1MWxRX/Ptapmsp1ucrsmu+VaC1YMCSlW1exVieyMhOIvcKDBy\n/8L0FUEAmsL8fCTroRQ4DnZVLelFk9vmVsiSQtfYHOf6rwEbOrv+94kk964iQCLQ\nFYN5klRqI0hWa3wYe6tnXm/2PvPbAwqsnAq3q+Iek+3pGm6YTshJyA7P9L176psd\ndm6slAYpHOryFcrvXzu1lHSylCAFNT/OYcH1GLTf0qJXuN7YnX9swoYu2oCDkIyA\nHss2DDp7f8qf0VgDNNxZB8drZ9ID85YA3qgeIbHHAB8UIj8qkKXkmybfMxVL0lz3\niY73asSm\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "vU56xz130U36VqWYgldabl+ckbo=", + "fingerprint_sha256": "Etq1XziM4dAVPJQLgqP+8Xo2sL06Jdsb3IQ6Y10L9eI=", + "hpkp_pin": "Z7iX8iPL/tb+En3S+O8dX8VWg/fn/BYJGWopTO3cNqU=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:22:32", + "not_valid_before": "2021-11-29T02:22:33", + "public_key": { + "algorithm": "_EllipticCurvePublicKey", + "ec_curve_name": "secp256r1", + "ec_x": 73166589468063978768506719647133910110540739867789316741176125650210060900177, + "ec_y": 90630578406819255037429180973183047516286263827387529370526503825550657422685, + "key_size": 256, + "rsa_e": null, + "rsa_n": null + }, + "serial_number": 333285949074278727503634643736840240434, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + }, + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 2, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "tls_version_used": "SSL_2_0" + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS error: wrong version number" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS error: wrong version number" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "tls_version_used": "SSL_3_0" + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLiPjeb1BEe7q2netSMbHnNQ4fS/aDS+XnUnhE+boa2EFqQJeirizSfkD7dYMJ1Q7vNU7X+49Pw6YNGZZb1hjRI=", - "size": 256, - "type_name": "ECDH", - "x": "uI+N5vUER7urad61Ixsec1Dh9L9oNL5edSeET5uhrYQ=", - "y": "FqQJeirizSfkD7dYMJ1Q7vNU7X+49Pw6YNGZZb1hjRI=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMvQsJ6twgPYHWLcO+Mm9bJyzC9AYXhKIqL2QgL/OwKZ7wai0ql043INjn8QzJf9KenGKDQ9y5MX9Kzg2WbjoYA=", - "size": 256, - "type_name": "ECDH", - "x": "y9Cwnq3CA9gdYtw74yb1snLML0BheEoiovZCAv87Apk=", - "y": "7wai0ql043INjn8QzJf9KenGKDQ9y5MX9Kzg2WbjoYA=" - } + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", + "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T00:00:42", + "not_valid_before": "2020-06-19T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 159159747900478145820483398898491642637, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "tls_version_used": "TLS_1_0" + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "sbyWi9T0nWIqqJqB8hUBUqQdgpw=", + "fingerprint_sha256": "69QQQOS7PsdCyeOB0x7ypBpItmhclufO88HfbNQzHJk=", + "hpkp_pin": "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T12:00:00", + "not_valid_before": "1998-09-01T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27527298331346624659307815003393871405544020859223571253338520804765223430982458246098772321151941672961640627675186276205051526242643378100158885513217742058056466168392650055013100104849176312294167242041140310435772026717601763184706480259485212806902223894888566729634266984619221168862421838192203495151893762216777748330129909588210203299778581898175320882908371930984451809054509645379277309791084909705758372477320893336152882629891014286744815684371510751674825920204180490258122986862539585201934155220945732937830308834387108046657005363452071776396707181283143463213972159925612976006433949563180335468751 + }, + "serial_number": 4835703278459707669005204, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BOp0jEFB0z9uE6CalMowVr0qdLwt4GZLeez9stQ3o2XHKTd21NbGKwaqYuB1z0i625wT28vO3xRkCxNq+4Nmo0Q=", - "size": 256, - "type_name": "ECDH", - "x": "6nSMQUHTP24ToJqUyjBWvSp0vC3gZkt57P2y1DejZcc=", - "y": "KTd21NbGKwaqYuB1z0i625wT28vO3xRkCxNq+4Nmo0Q=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BEzMjBhYe8xWtm2YGMGuO5txPeOcc83sqyaU5T//IWdOZTpcu8awhuDmvgj0c9wZdxIqGVUXiE4XzwtjtQIJc50=", - "size": 256, - "type_name": "ECDH", - "x": "TMyMGFh7zFa2bZgYwa47m3E945xzzeyrJpTlP/8hZ04=", - "y": "ZTpcu8awhuDmvgj0c9wZdxIqGVUXiE4XzwtjtQIJc50=" - } + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "tls_version_used": "TLS_1_1" + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "V2BQ/K9aJEXhTJ1yduc2gMiQCaIBB58SHR8eK1o6WFY=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BNOBRDferroQWvBT9KDFkb8MQ8dEdjVpBJxouconh+UuCx1Va2bJ2rwktGpLIfy5ExtfmssTHXw3iWXy88pOMkA=", - "size": 256, - "type_name": "ECDH", - "x": "04FEN96uuhBa8FP0oMWRvwxDx0R2NWkEnGi5yieH5S4=", - "y": "Cx1Va2bJ2rwktGpLIfy5ExtfmssTHXw3iWXy88pOMkA=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BBA6G3DOEZg20aBFjZQ1gRLVl5hpc3fiZyNOEQM+lIjuGAHr1lL+Y4+jnNWaZQhTHSTko6dqlB380Du6PN2MHAw=", - "size": 256, - "type_name": "ECDH", - "x": "EDobcM4RmDbRoEWNlDWBEtWXmGlzd+JnI04RAz6UiO4=", - "y": "GAHr1lL+Y4+jnNWaZQhTHSTko6dqlB380Du6PN2MHAw=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCD4eSNHhcC+3rJQCPgrD1nmkFZ/AnSzAqs0MwzwDav64Dd9dm5tWJQm8x9uy77e0e4PImQW0QEEh62oSTdaiMk=", - "size": 256, - "type_name": "ECDH", - "x": "IPh5I0eFwL7eslAI+CsPWeaQVn8CdLMCqzQzDPANq/o=", - "y": "4Dd9dm5tWJQm8x9uy77e0e4PImQW0QEEh62oSTdaiMk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKom4s43jhPyjtXSo/yjPZmgzVWmxtHijLUmnQ6noAgQ3feG/hPSd5+Xmf3Q8Fzv08WPdfQFM45hYsYAE2QX1fs=", - "size": 256, - "type_name": "ECDH", - "x": "qibizjeOE/KO1dKj/KM9maDNVabG0eKMtSadDqegCBA=", - "y": "3feG/hPSd5+Xmf3Q8Fzv08WPdfQFM45hYsYAE2QX1fs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "habWXrR8ID+8jbm6bgeog7aWIRUS6ejCUElNVoC5ElM=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" } - ], - "tls_version_used": "TLS_1_2" - }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "IibNefIeWakQYBwJVCKeGnlJDzGeXiPYhHG3xP50qiM=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "Fxtiun40toNvzH09ceGUWiGYoCzhnn3L3vXmnk8GYmI=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "131nzOuxHWngA4/69FkSzZ+f55TKzYCTyG0MlR2JBQc=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" } - ], - "tls_version_used": "TLS_1_3" + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\nOTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\nladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\niV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\nKSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\nDrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\nj5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\ncuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\nCruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\niYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\nEua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\nsZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\nBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\nJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\nMAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\noCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\nMAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\nAwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\nNR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\nWprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\nd0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "CHRUh+iRwZ4weMHyoH5FKVDvNvY=", + "fingerprint_sha256": "PuAnjfcfo8ElxM1IfwHXdGlOb8V+DNlMJO/XaRM5GOU=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=BE", + "value": "BE" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=GlobalSign nv-sa", + "value": "GlobalSign nv-sa" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=Root CA", + "value": "Root CA" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GlobalSign Root CA", + "value": "GlobalSign Root CA" + } + ], + "rfc4514_string": "CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE" + }, + "not_valid_after": "2028-01-28T00:00:42", + "not_valid_before": "2020-06-19T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 + }, + "serial_number": 159159747900478145820483398898491642637, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIOfTCCDWWgAwIBAgIQd+2aBfss7EsKAAAAASX9FTANBgkqhkiG9w0BAQsFADBG\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMTExMjkwMjIxNDBaFw0yMjAyMjEw\nMjIxMzlaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAK1kyHzdiamF+Vh9PQCWLDW0Vp2ANmwZqiacEv/eFnfR\n2UcU9aZ7Hpd8hxfUYTnXsOL5nNW/NO1go/7c3gOxHTysGFHL5ABwzX94qpXpBaGQ\nkGg5IW9s0PDeZWJIIcgxcNAmT6C3WZh8ZC++EksniGezcpPIx2jlj2//K/GVPrUH\n2H8AruFnkJo7S4ab4+noxyu3RGhqc9w8Spyrl9lO4ZKdwRJDf1+Ad/g+Z03KxuTl\nllN87aXdog05WbEIwroMJPXXr2b1BiTiTW0RUrweT2OU5jsMjt88obokCi4xpdR2\nCLKgKIOcXV2YCqptVHK1K48NpLtMefFBiwuLCzMzFEECAwEAAaOCC5QwgguQMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRkbVrunXMAhh6SIpqkw571PmHaxDAfBgNVHSMEGDAWgBSKdH+v\nhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0\ndHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br\naS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCUIGA1UdEQSCCTkwggk1ggwq\nLmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIS\nKi5jbG91ZC5nb29nbGUuY29tghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCou\nZGF0YWNvbXB1dGUuZ29vZ2xlLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNs\ngg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVr\ngg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29t\nLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUu\nY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29n\nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMu\nY29tgg8qLmdvb2dsZWFwaXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0\naWMuY26CECouZ3N0YXRpYy1jbi5jb22CD2dvb2dsZWNuYXBwcy5jboIRKi5nb29n\nbGVjbmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMqLmdvb2dsZWFwcHMtY24u\nY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3dubG9h\nZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNughIq\nLnJlY2FwdGNoYS5uZXQuY26CC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNughFh\nbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJvamVj\ndC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRpY3Mt\nY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNlcnZp\nY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFk\ncy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24uY29t\nghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22CFyou\nZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCouZG91\nYmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiouZy5k\nb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNsaWNr\nLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNughFk\nYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xldHJh\ndmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNlcy1j\nbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdzZXJ2\naWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2dsZXRh\nZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiouZ29v\nZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNh\ndGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1lYXN1\ncmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2dDIt\nY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNuLm5l\ndIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5uZXSC\nDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCou\nbWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNv\nbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22C\nFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNv\nbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5n\nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFu\nYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C\nEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0\nLmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1\nLmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlv\nbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIR\nKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVu\ndHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZl\nbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUu\nY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvemRBVHQwRXhfRmsu\nY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAKXm+8J45OSHwVnOfY6V35b5X\nfZxgCvj5TV0mXCVdx4QAAAF9abZ3FwAABAMASDBGAiEAzaVx7NE+ZVGOQ8o4xW2e\ndtM5xk0oOOA0T4Bx9a7GR34CIQCF7CLZ0JTrK5WHwYx/rWQ+fnvp/XADSAbosa5q\nb/Bv/AB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfWm2dywA\nAAQDAEgwRgIhAPALzEmjaCwQG4GBR0cM5D8p3NlEqWPJmqCDrcptclYdAiEAq9JX\nqm37pB/R/OHPGC7AjpKKCCJ1qpvwNZogH85ruS4wDQYJKoZIhvcNAQELBQADggEB\nAIxs/oH+o0mVzI1lnZZbGZP6YjtOX4x7PVC5sTnUPXma/gdwzIefnrSU4QF+cKv6\n+JsFSzvQhcDFkqq/C3K2xj3dikINauIqEFJWcbHVqv43a0Gkhqhqa1RvuYGJTaNk\n3PCqn2qpGxuwzYCBdGzu33G48XiLKqvThFmjcHyfgB7WTbOgLcjQEAA9buzLNjpS\n8ePPP8avbl3AsiVQko4VD7Rdf4RTEoY7QbVGQovmljr3zcSZoTtkh6Jj5h36sTtk\nqN3j5ES7RyC6hnh0eWrvFGt//yTFil/mEU7DYYTRA9U+1nrSppbSlWM3HGVN8po5\nx4JAV8fxdrUjFsDDGX3pa8Q=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "5t51VWELQYVRHE/2eiSYya+8G5A=", + "fingerprint_sha256": "wFJnEP8g/2R25wwFr2NDSJ9YvsCu8OnJ+fkLCkobWTY=", + "hpkp_pin": "bhmwkLYwGyUDDhzos11UGJYAKGwR9wyxC/knLZzlkSs=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2022-02-21T02:21:39", + "not_valid_before": "2021-11-29T02:21:40", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21888924785274671114212116798050489332058235941353934902816769603495162665725679579497244893212144953326782028588961935836208966504939320851802356955522834236195422537512627825798044971454314657647167856689142212031986940520202670028347541469889913737417086406535223731863751331155005571533908422639151265622861795192396361132263839721684170695529639757796817496945872409990350759925660522031382698065998695811983379259440878375311544679808296292938648598818902795405337007199137231174780159959136437972758527521905452372035990081824985079550831699188850043309540405746993861062800363226186126946878862482768494007361 + }, + "serial_number": 159411829818832564016018738286296431893, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.google.com", + "value": "*.google.com" + } + ], + "rfc4514_string": "CN=*.google.com" + }, + "subject_alternative_name": { + "dns": [ + "*.google.com", + "*.appengine.google.com", + "*.bdn.dev", + "*.cloud.google.com", + "*.crowdsource.google.com", + "*.datacompute.google.com", + "*.google.ca", + "*.google.cl", + "*.google.co.in", + "*.google.co.jp", + "*.google.co.uk", + "*.google.com.ar", + "*.google.com.au", + "*.google.com.br", + "*.google.com.co", + "*.google.com.mx", + "*.google.com.tr", + "*.google.com.vn", + "*.google.de", + "*.google.es", + "*.google.fr", + "*.google.hu", + "*.google.it", + "*.google.nl", + "*.google.pl", + "*.google.pt", + "*.googleadapis.com", + "*.googleapis.cn", + "*.googlevideo.com", + "*.gstatic.cn", + "*.gstatic-cn.com", + "googlecnapps.cn", + "*.googlecnapps.cn", + "googleapps-cn.com", + "*.googleapps-cn.com", + "gkecnapps.cn", + "*.gkecnapps.cn", + "googledownloads.cn", + "*.googledownloads.cn", + "recaptcha.net.cn", + "*.recaptcha.net.cn", + "widevine.cn", + "*.widevine.cn", + "ampproject.org.cn", + "*.ampproject.org.cn", + "ampproject.net.cn", + "*.ampproject.net.cn", + "google-analytics-cn.com", + "*.google-analytics-cn.com", + "googleadservices-cn.com", + "*.googleadservices-cn.com", + "googlevads-cn.com", + "*.googlevads-cn.com", + "googleapis-cn.com", + "*.googleapis-cn.com", + "googleoptimize-cn.com", + "*.googleoptimize-cn.com", + "doubleclick-cn.net", + "*.doubleclick-cn.net", + "*.fls.doubleclick-cn.net", + "*.g.doubleclick-cn.net", + "doubleclick.cn", + "*.doubleclick.cn", + "*.fls.doubleclick.cn", + "*.g.doubleclick.cn", + "dartsearch-cn.net", + "*.dartsearch-cn.net", + "googletraveladservices-cn.com", + "*.googletraveladservices-cn.com", + "googletagservices-cn.com", + "*.googletagservices-cn.com", + "googletagmanager-cn.com", + "*.googletagmanager-cn.com", + "googlesyndication-cn.com", + "*.googlesyndication-cn.com", + "*.safeframe.googlesyndication-cn.com", + "app-measurement-cn.com", + "*.app-measurement-cn.com", + "gvt1-cn.com", + "*.gvt1-cn.com", + "gvt2-cn.com", + "*.gvt2-cn.com", + "2mdn-cn.net", + "*.2mdn-cn.net", + "googleflights-cn.net", + "*.googleflights-cn.net", + "admob-cn.com", + "*.admob-cn.com", + "*.gstatic.com", + "*.metric.gstatic.com", + "*.gvt1.com", + "*.gcpcdn.gvt1.com", + "*.gvt2.com", + "*.gcp.gvt2.com", + "*.url.google.com", + "*.youtube-nocookie.com", + "*.ytimg.com", + "android.com", + "*.android.com", + "*.flash.android.com", + "g.cn", + "*.g.cn", + "g.co", + "*.g.co", + "goo.gl", + "www.goo.gl", + "google-analytics.com", + "*.google-analytics.com", + "google.com", + "googlecommerce.com", + "*.googlecommerce.com", + "ggpht.cn", + "*.ggpht.cn", + "urchin.com", + "*.urchin.com", + "youtu.be", + "youtube.com", + "*.youtube.com", + "youtubeeducation.com", + "*.youtubeeducation.com", + "youtubekids.com", + "*.youtubekids.com", + "yt.be", + "*.yt.be", + "android.clients.google.com", + "developer.android.google.cn", + "developers.android.google.cn", + "source.android.google.cn" + ] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\nMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\nY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\nkgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\nlOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\nBA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\ngOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\ntmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\nDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\nAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\nVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\nCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\nAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\nMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\nA1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\naS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\nAQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\ncSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\nRklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\nPxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\nlQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\nYye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\nz23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\nAJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\njuDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "Hn72R8uhUCgcYIlyVxAoeMS9jNw=", + "fingerprint_sha256": "I+ywPuwXM4xOM6a0ikHcPNoSKBu8P/gTwFidbMI4dSI=", + "hpkp_pin": "zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "not_valid_after": "2027-09-30T00:00:42", + "not_valid_before": "2020-08-13T00:00:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 30995880109565792614038176941751088135524247043439812371864857329016610849883633822596171414264552468644155172755150995257949777148653095459728927907138739241654491608822338075743427821191661764250287295656611948106201114365608000972321287659897229953717432102592181449518049182921200542765545762294376450108947856717771624793550566932679836968338277388866794860157562567649425969798767591459126611348174818678847093442686862232453257639143782367346020522909129605571170209081750012813144244287974245873723227894091145486902996955721055370213897895430991903926890488971365639790304291348558310704289342533622383610269 + }, + "serial_number": 159612451717983579589660725350, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS CA 1C3", + "value": "GTS CA 1C3" + } + ], + "rfc4514_string": "CN=GTS CA 1C3,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\nMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\nQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\nMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\ncnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\nf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\nmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\nzUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\nfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\nvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\nZor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\nzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\nRc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\nk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\nDVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\nlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\nHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\nCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\nd5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\nXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\ngyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\nd8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\nJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\nDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\nF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\nSQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\nE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "4clQ5u8i+ExWRXKLkiBg19Wno+g=", + "fingerprint_sha256": "KldUceMTQLwhWBy9LPE+FYRjID7OlLz508wZa/CaVHI=", + "hpkp_pin": "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false + "not_valid_after": "2036-06-22T00:00:00", + "not_valid_before": "2016-06-22T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 742766292573789461138430713106656498577482106105452767343211753017973550878861638590047246174848574634573720584492944669558785810905825702100325794803983120697401526210439826606874730300903862093323398754125584892080731234772626570955922576399434033022944334623029747454371697865218999618129768679013891932765999545116374192173968985738129135224425889467654431372779943313524100225335793262665132039441111162352797240438393795570253671786791600672076401253164614309929080014895216439462173458352253266568535919120175826866378039177020829725517356783703110010084715777806343235841345264684364598708732655710904078855499605447884872767583987312177520332134164321746982952420498393591583416464199126272682424674947720461866762624768163777784559646117979893432692133818266724658906066075396922419161138847526583266030290937955148683298741803605463007526904924936746018546134099068479370078440023459839544052468222048449819089106832452146002755336956394669648596035188293917750838002531358091511944112847917218550963597247358780879029417872466325821996717925086546502702016501643824750668459565101211439428003662613442032518886622942136328590823063627643918273848803884791311375697313014431195473178892344923166262358299334827234064598421 }, - "status": "COMPLETED" + "serial_number": 146587175971765017618439757810265552097, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.12", + "name": "sha384WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 48, + "name": "sha384" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Google Trust Services LLC", + "value": "Google Trust Services LLC" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=GTS Root R1", + "value": "GTS Root R1" + } + ], + "rfc4514_string": "CN=GTS Root R1,O=Google Trust Services LLC,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + } + ], + "hostname_used_for_server_name_indication": "google.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "google.com", - "http_proxy_settings": null, - "ip_address": "142.250.181.238", - "port": 443 - }, - "uuid": "83c15e1f-a198-4670-903e-3d7dd3210199" + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS error: wrong version number" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS error: wrong version number" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLiPjeb1BEe7q2netSMbHnNQ4fS/aDS+XnUnhE+boa2EFqQJeirizSfkD7dYMJ1Q7vNU7X+49Pw6YNGZZb1hjRI=", + "size": 256, + "type_name": "ECDH", + "x": "uI+N5vUER7urad61Ixsec1Dh9L9oNL5edSeET5uhrYQ=", + "y": "FqQJeirizSfkD7dYMJ1Q7vNU7X+49Pw6YNGZZb1hjRI=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMvQsJ6twgPYHWLcO+Mm9bJyzC9AYXhKIqL2QgL/OwKZ7wai0ql043INjn8QzJf9KenGKDQ9y5MX9Kzg2WbjoYA=", + "size": 256, + "type_name": "ECDH", + "x": "y9Cwnq3CA9gdYtw74yb1snLML0BheEoiovZCAv87Apk=", + "y": "7wai0ql043INjn8QzJf9KenGKDQ9y5MX9Kzg2WbjoYA=" + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BOp0jEFB0z9uE6CalMowVr0qdLwt4GZLeez9stQ3o2XHKTd21NbGKwaqYuB1z0i625wT28vO3xRkCxNq+4Nmo0Q=", + "size": 256, + "type_name": "ECDH", + "x": "6nSMQUHTP24ToJqUyjBWvSp0vC3gZkt57P2y1DejZcc=", + "y": "KTd21NbGKwaqYuB1z0i625wT28vO3xRkCxNq+4Nmo0Q=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BEzMjBhYe8xWtm2YGMGuO5txPeOcc83sqyaU5T//IWdOZTpcu8awhuDmvgj0c9wZdxIqGVUXiE4XzwtjtQIJc50=", + "size": 256, + "type_name": "ECDH", + "x": "TMyMGFh7zFa2bZgYwa47m3E945xzzeyrJpTlP/8hZ04=", + "y": "ZTpcu8awhuDmvgj0c9wZdxIqGVUXiE4XzwtjtQIJc50=" + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "V2BQ/K9aJEXhTJ1yduc2gMiQCaIBB58SHR8eK1o6WFY=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BNOBRDferroQWvBT9KDFkb8MQ8dEdjVpBJxouconh+UuCx1Va2bJ2rwktGpLIfy5ExtfmssTHXw3iWXy88pOMkA=", + "size": 256, + "type_name": "ECDH", + "x": "04FEN96uuhBa8FP0oMWRvwxDx0R2NWkEnGi5yieH5S4=", + "y": "Cx1Va2bJ2rwktGpLIfy5ExtfmssTHXw3iWXy88pOMkA=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BBA6G3DOEZg20aBFjZQ1gRLVl5hpc3fiZyNOEQM+lIjuGAHr1lL+Y4+jnNWaZQhTHSTko6dqlB380Du6PN2MHAw=", + "size": 256, + "type_name": "ECDH", + "x": "EDobcM4RmDbRoEWNlDWBEtWXmGlzd+JnI04RAz6UiO4=", + "y": "GAHr1lL+Y4+jnNWaZQhTHSTko6dqlB380Du6PN2MHAw=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCD4eSNHhcC+3rJQCPgrD1nmkFZ/AnSzAqs0MwzwDav64Dd9dm5tWJQm8x9uy77e0e4PImQW0QEEh62oSTdaiMk=", + "size": 256, + "type_name": "ECDH", + "x": "IPh5I0eFwL7eslAI+CsPWeaQVn8CdLMCqzQzDPANq/o=", + "y": "4Dd9dm5tWJQm8x9uy77e0e4PImQW0QEEh62oSTdaiMk=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKom4s43jhPyjtXSo/yjPZmgzVWmxtHijLUmnQ6noAgQ3feG/hPSd5+Xmf3Q8Fzv08WPdfQFM45hYsYAE2QX1fs=", + "size": 256, + "type_name": "ECDH", + "x": "qibizjeOE/KO1dKj/KM9maDNVabG0eKMtSadDqegCBA=", + "y": "3feG/hPSd5+Xmf3Q8Fzv08WPdfQFM45hYsYAE2QX1fs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "habWXrR8ID+8jbm6bgeog7aWIRUS6ejCUElNVoC5ElM=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "IibNefIeWakQYBwJVCKeGnlJDzGeXiPYhHG3xP50qiM=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "Fxtiun40toNvzH09ceGUWiGYoCzhnn3L3vXmnk8GYmI=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "131nzOuxHWngA4/69FkSzZ+f55TKzYCTyG0MlR2JBQc=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "google.com", + "http_proxy_settings": null, + "ip_address": "142.250.181.238", + "port": 443 + }, + "uuid": "83c15e1f-a198-4670-903e-3d7dd3210199" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/mixed-connectivity-result.json b/scanners/sslyze/parser/__testFiles__/mixed-connectivity-result.json index 22db3eb4db..b72c415dec 100644 --- a/scanners/sslyze/parser/__testFiles__/mixed-connectivity-result.json +++ b/scanners/sslyze/parser/__testFiles__/mixed-connectivity-result.json @@ -1,212 +1,212 @@ { - "server_connectivity_errors": [], - "server_scan_results": [ - { - "scan_commands": [ - "tls_fallback_scsv", - "heartbleed", - "certificate_info", - "tls_1_1_cipher_suites", - "ssl_2_0_cipher_suites", - "tls_1_0_cipher_suites", - "tls_1_2_cipher_suites", - "session_resumption", - "session_renegotiation", - "tls_compression", - "ssl_3_0_cipher_suites", - "robot", - "openssl_ccs_injection", - "tls_1_3_cipher_suites" - ], - "scan_commands_errors": { - "certificate_info": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/certificate_info/implementation.py\", line 100, in result_for_completed_scan_jobs\n received_chain_as_pem, ocsp_response, custom_ca_file = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/certificate_info/_get_cert_chain.py\", line 26, in get_certificate_chain\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "openssl_ccs_injection": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py\", line 78, in result_for_completed_scan_jobs\n return OpenSslCcsInjectionScanResult(is_vulnerable_to_ccs_injection=completed_scan_jobs[0].result())\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py\", line 96, in _test_for_ccs_injection\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "session_renegotiation": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_renegotiation_plugin.py\", line 100, in result_for_completed_scan_jobs\n result_enum, value = job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_renegotiation_plugin.py\", line 122, in _test_secure_renegotiation\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "session_resumption": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/implementation.py\", line 230, in result_for_completed_scan_jobs\n result_enum, value = job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/_resumption_with_id.py\", line 56, in resume_with_session_id\n session1 = resume_tls_session(server_info, tls_version_to_use)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/_resumption_with_id.py\", line 35, in resume_tls_session\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "ssl_3_0_cipher_suites": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "tls_1_0_cipher_suites": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "tls_1_1_cipher_suites": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "tls_1_2_cipher_suites": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - }, - "tls_compression": { - "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/compression_plugin.py\", line 68, in result_for_completed_scan_jobs\n return CompressionScanResult(supports_compression=completed_scan_jobs[0].result())\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/compression_plugin.py\", line 91, in _test_compression_support\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", - "reason": "CONNECTIVITY_ISSUE" - } + "server_connectivity_errors": [], + "server_scan_results": [ + { + "scan_commands": [ + "tls_fallback_scsv", + "heartbleed", + "certificate_info", + "tls_1_1_cipher_suites", + "ssl_2_0_cipher_suites", + "tls_1_0_cipher_suites", + "tls_1_2_cipher_suites", + "session_resumption", + "session_renegotiation", + "tls_compression", + "ssl_3_0_cipher_suites", + "robot", + "openssl_ccs_injection", + "tls_1_3_cipher_suites" + ], + "scan_commands_errors": { + "certificate_info": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/certificate_info/implementation.py\", line 100, in result_for_completed_scan_jobs\n received_chain_as_pem, ocsp_response, custom_ca_file = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/certificate_info/_get_cert_chain.py\", line 26, in get_certificate_chain\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "openssl_ccs_injection": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py\", line 78, in result_for_completed_scan_jobs\n return OpenSslCcsInjectionScanResult(is_vulnerable_to_ccs_injection=completed_scan_jobs[0].result())\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py\", line 96, in _test_for_ccs_injection\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "session_renegotiation": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_renegotiation_plugin.py\", line 100, in result_for_completed_scan_jobs\n result_enum, value = job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_renegotiation_plugin.py\", line 122, in _test_secure_renegotiation\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "session_resumption": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/implementation.py\", line 230, in result_for_completed_scan_jobs\n result_enum, value = job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/_resumption_with_id.py\", line 56, in resume_with_session_id\n session1 = resume_tls_session(server_info, tls_version_to_use)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/session_resumption/_resumption_with_id.py\", line 35, in resume_tls_session\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "ssl_3_0_cipher_suites": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "tls_1_0_cipher_suites": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "tls_1_1_cipher_suites": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "tls_1_2_cipher_suites": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py\", line 137, in result_for_completed_scan_jobs\n cipher_suite_result = completed_job.result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py\", line 78, in connect_with_cipher_suite\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + }, + "tls_compression": { + "exception_trace": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.7/site-packages/sslyze/scanner.py\", line 224, in get_results\n server_info, server_and_scan_cmd_to_completed_futures[server_and_scan_cmd]\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/compression_plugin.py\", line 68, in result_for_completed_scan_jobs\n return CompressionScanResult(supports_compression=completed_scan_jobs[0].result())\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 428, in result\n return self.__get_result()\n File \"/usr/local/lib/python3.7/concurrent/futures/_base.py\", line 384, in __get_result\n raise self._exception\n File \"/usr/local/lib/python3.7/concurrent/futures/thread.py\", line 57, in run\n result = self.fn(*self.args, **self.kwargs)\n File \"/usr/local/lib/python3.7/site-packages/sslyze/plugins/compression_plugin.py\", line 91, in _test_compression_support\n ssl_connection.connect()\n File \"/usr/local/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py\", line 292, in connect\n error_message=\"Connection to server timed out\",\nsslyze.errors.ConnectionToServerTimedOut\n", + "reason": "CONNECTIVITY_ISSUE" + } + }, + "scan_commands_extra_arguments": {}, + "scan_commands_results": { + "heartbleed": { "is_vulnerable_to_heartbleed": false }, + "robot": { "robot_result": "NOT_VULNERABLE_NO_ORACLE" }, + "ssl_2_0_cipher_suites": { + "accepted_cipher_suites": [], + "cipher_suite_preferred_by_server": null, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server closed the connection: unexpected EOF" + } + ], + "tls_version_used": "SSL_2_0" + }, + "tls_1_3_cipher_suites": { + "accepted_cipher_suites": [], + "cipher_suite_preferred_by_server": null, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" }, - "scan_commands_extra_arguments": {}, - "scan_commands_results": { - "heartbleed": { "is_vulnerable_to_heartbleed": false }, - "robot": { "robot_result": "NOT_VULNERABLE_NO_ORACLE" }, - "ssl_2_0_cipher_suites": { - "accepted_cipher_suites": [], - "cipher_suite_preferred_by_server": null, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server closed the connection: unexpected EOF" - } - ], - "tls_version_used": "SSL_2_0" - }, - "tls_1_3_cipher_suites": { - "accepted_cipher_suites": [], - "cipher_suite_preferred_by_server": null, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" - }, - "tls_fallback_scsv": { "supports_fallback_scsv": true } + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" }, - "server_info": { - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "192.168.0.48", - "xmpp_to_hostname": null - }, - "server_location": { - "hostname": "192.168.0.48", - "ip_address": "192.168.0.48", - "port": 443 - }, - "tls_probing_result": { - "cipher_suite_supported": "DHE-RSA-AES256-GCM-SHA384", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2" - } + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" } + ], + "tls_version_used": "TLS_1_3" + }, + "tls_fallback_scsv": { "supports_fallback_scsv": true } + }, + "server_info": { + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "192.168.0.48", + "xmpp_to_hostname": null + }, + "server_location": { + "hostname": "192.168.0.48", + "ip_address": "192.168.0.48", + "port": 443 + }, + "tls_probing_result": { + "cipher_suite_supported": "DHE-RSA-AES256-GCM-SHA384", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "3.0.0", - "total_scan_time": 89.70373797416687 + } + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "3.0.0", + "total_scan_time": 89.70373797416687 } diff --git a/scanners/sslyze/parser/__testFiles__/revoked.badssl.com.json b/scanners/sslyze/parser/__testFiles__/revoked.badssl.com.json index 2e47d5e631..7bc6f7675e 100644 --- a/scanners/sslyze/parser/__testFiles__/revoked.badssl.com.json +++ b/scanners/sslyze/parser/__testFiles__/revoked.badssl.com.json @@ -1,6293 +1,6279 @@ { - "date_scans_completed": "2021-12-22T12:56:13.259283", - "date_scans_started": "2021-12-22T12:55:23.830874", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "revoked.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 3, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", - "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", - "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-10-27T23:59:59", - "not_valid_before": "2021-10-27T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 - }, - "serial_number": 17520911571050801944888693256974784303, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=revoked.badssl.com", - "value": "revoked.badssl.com" - } - ], - "rfc4514_string": "CN=revoked.badssl.com" - }, - "subject_alternative_name": { - "dns": [ - "revoked.badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", - "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", - "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-05-31T23:59:59", - "not_valid_before": "2020-07-16T12:25:27", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 - }, - "serial_number": 10094920634610845175072226827329899116, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", - "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" - } - ], - "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false + "date_scans_completed": "2021-12-22T12:56:13.259283", + "date_scans_started": "2021-12-22T12:55:23.830874", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "revoked.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 3, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "hostname_used_for_server_name_indication": "revoked.badssl.com" + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "supports_ecdh_key_exchange": true + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCm1CDxgix97tXtSsepnlzB4TAmVp7aqyEJjjbKNGto2OYQClBqNcNiJHLdW6wU6zYcBmXCi7Z3Z7c9EIsA+Pmw=", - "size": 256, - "type_name": "ECDH", - "x": "KbUIPGCLH3u1e1Kx6meXMHhMCZWntqrIQmONso0a2jY=", - "y": "OYQClBqNcNiJHLdW6wU6zYcBmXCi7Z3Z7c9EIsA+Pmw=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BFMVPrOQwmvHwntE1n19GRiUfCps4Yy7jbdx9FYHfV/+xoX8XyqHORDKx3bM134hjGqoo3uqNYgzMUfM/KbkWW0=", - "size": 256, - "type_name": "ECDH", - "x": "UxU+s5DCa8fCe0TWfX0ZGJR8KmzhjLuNt3H0Vgd9X/4=", - "y": "xoX8XyqHORDKx3bM134hjGqoo3uqNYgzMUfM/KbkWW0=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMOeTbWgf7k8Db/judjSti8TaqIo3/56iqz+7/lfoxp9pZpOQCSIL/2RIwpy+cZDFkl5cxMOfjN0H4Uv6IDWR9Q=", - "size": 256, - "type_name": "ECDH", - "x": "w55NtaB/uTwNv+O52NK2LxNqoijf/nqKrP7v+V+jGn0=", - "y": "pZpOQCSIL/2RIwpy+cZDFkl5cxMOfjN0H4Uv6IDWR9Q=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "SUNh1g1ca2vo9yaolpgxsK5tOIasMDx7LgFMQEsP1VfYuWtoDqn8SaK3B30eJl8z0PEwC/6bdxFDbMnGkQ4pdlX5uLres3/vloQX13Dn5IhxFdIzIPYhhxxa+yVbErnMHD8faMa23fOjlxkfkbND63iOgrC/zxBuCXnArqwJqhm+t+XQh+qdM3G7qT5JOv/nelx5JksWkBo9Cz4mV9MgJOF8xNW16pNBtC73CiDxPxJtKcBPVzj6OhYVMJw+NB6MP0jSD5o5vKo7e20gYoP3msO6l8MoZdquS3xU/CWRMlWOpGn7fFszgAczIxpGIYm1JhpVQoSuu7mfmwJvgfBxeA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "jDl/DZTL+89gZQYiqlgveTMz4zxAPt+w1QucvkxAw9rialenm8tAAjW2rmJq6O1R7DziDXoDmjDauVBgpRkSCN/HgcyLQTjhaqa4gBF9dT5UcIIKZRbjnHrlfAbPmM5GiiVmUgzfOEuG5fDnTbDAnf8WkVtDctmIai+cbi1kQBQWhZi8gWjhU13vUnRJt7RY1Cg08lzZhPcKpeS7EFIK8YqZWWPq9UHoSP4HI49F2pHtE2Gt6SPTomGfP7QFlQeEhwAnu00IwigpAr0qx3HiQzIHiVXgSrHMbaiW4oOYRJCkOv7pO4VVGFZToPMi+35ycXMFfgRWODWTh+6E76IVJw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "ZrbEZ1f3Dw+mV395yBzqiggePAweTwxZ9qDk3TYBq+iuSnlxDSE9rPy9c2Z0l0qs49zF3hOkoZxQqT/oQXuldkxXbP1cwWUDfXLvvJBRlAb2RNdDtHpYan0xMtb6BkCjsZ5EYI/PxsVq8pAqtASpj7UJn1be+MjvwtNR0i4ETGdrsD+XjDF8P8illYQ98vTvLdvHoqfID5+qKOkOnxLQVNLJ6NacbTeTNnX79Sh8U6fLh0Tb66jynb1rRZjdW3BjS0cpy97I/79hRsXfu2J/ANHi/hV8nEhV1LEVfD2ONJzdtJ0BIJJ0axizCVVYkesArEaSotAHCY5EvufITtD92g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "bzVffvBaFT9rPB5pS7WJPnn/A5chS8QogiyF2hawQ7pIwMIoEbqhkXsSJPbaKCfGlx+4SfrWuyyK6Kv0lGUsC4jVIX536dVoDhZU0oW5CEdvjwLq9ySE39vXZPb1xHRTvhRQcRJr72REqP5cG7iU+4sng3XMrm4VJ7gvBtVYgPnOcb9IgQbu3Y/HrtMXbQvO9gnA5RairT28OEuBXXN4WI5bcKZNvizmOpV3t+He8iqsk0fzzd+R/7XftunCndQbHpJB7XcT0/ce53mB85nS09XSJTzshQ8ndj0sO6X3DrohTv+8eMsMvRe6CSYwS1en54p/tl4jnKRPFAz4iI6QRQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGhjCCBW6gAwIBAgIQDS5nopiFO5pUUuOihaRXLzANBgkqhkiG9w0BAQsFADBZ\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS\nYXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEx\nMDI3MDAwMDAwWhcNMjIxMDI3MjM1OTU5WjAdMRswGQYDVQQDExJyZXZva2VkLmJh\nZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwdi1VZtxy\niqCehZI4f1vhk42tBsit6Ym07x53WzNFFmB9MzhoBNfJg0KD2TBLVEkUyu2+DHa6\nX6ZcM3g/OfJJqIgy7lMhFNOqXFg8Ocz3gLEnH1R5e2yL/0GqOSSVX3G8Sb85O6XV\n4aXeHUCBJdyKR4L+zXxLLAS70ydWUaBh8tLLVQglKoXbLAaNDWHCWz6bRtxY/xMn\nvgpEHmj+4fa33p+ObMS1GfrX009VqGF522Evapws8cSBu57SAgW6nBSg+fNUeX1p\n2bpmHIeVQVAO+V7ht731MSTFISEDis9teFje2TB9A0JS1rAbuclUG1royFPwrCuC\nECemqXAlrvinAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBSkjeW+fHnkcCNtLik0\nrSNY3PUxfzAdBgNVHQ4EFgQUsMjOILJ4zB0j7/D+1g4pS6wVcjwwHQYDVR0RBBYw\nFIIScmV2b2tlZC5iYWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU\nBggrBgEFBQcDAQYIKwYBBQUHAwIwgZsGA1UdHwSBkzCBkDBGoESgQoZAaHR0cDov\nL2NybDMuZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIw\nMjBDQS0xLmNybDBGoESgQoZAaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlk\nU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0xLmNybDA+BgNVHSAENzA1MDMG\nBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D\nUFMwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln\naWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j\nb20vUmFwaWRTU0xUTFNEVlJTQU1peGVkU0hBMjU2MjAyMENBLTEuY3J0MAkGA1Ud\nEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2ACl5vvCeOTkh8FZzn2Ol\nd+W+V32cYAr4+U1dJlwlXceEAAABfMOk9zcAAAQDAEcwRQIgd7B5GPPeNHD68hvC\nMjnIyJWwyHqPYiNY3a35G76Ele0CIQDdJWhHo4RflbHq57wKCZL5WlZyMewH1saX\nTUx7kHVkrgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfMOk\n92QAAAQDAEcwRQIgTCL/ZTlrfnsVIXlEwuu4TCrJpceszl9qXei3JMV27BkCIQCU\nXgLuFGCAlrwOORYBqDefFbm5ug+iDFoXkKXhMzZF8gB1AEHIyrHfIkZKEMahOglC\nh15OMYsbA+vrS8do8JBilgb2AAABfMOk9t8AAAQDAEYwRAIgaIpfULd22n40MqV3\nAqb6p4e720FcgEAsBeUJ3T/MbZ8CIHsdZEhhGXW2N9E8Hjh4hnryeRQIQujdD/84\nOjw22b/ZMA0GCSqGSIb3DQEBCwUAA4IBAQDVjL2+5NyUpLfzSa/EmSbaJ2ja6LjB\nusYwthaqUP70dwfrmfLa3XcdGYL3JCo7oGPg2wm+EH/FH4G6r55JzjIwSRePdMbW\nzWrYO0d78OAMu8COOh2jf5Ksfo3cpLUwKlcTI6fuJcY37UiyStAB/IXlweLg3Ixh\ndKqvaCgmRZSjsUzJXMeSomxKgG/dSPpPBLJKcxfy+R6OXOkj7FP/PseKthiJvHdF\nZ0uac3VrV8jAasuEHfTt73AWd47zGo67lfPr+FrkqbHfHTarCt2Rry1xPKuXGAPc\nXBqpsdu2SEDHGaeBFAsNzjhv2s/OD2QTKPNNZxss0RZUGW+qCFSjTWdk\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "XJ2IQM3u0vmEwi8+TTi8/MxApkw=", + "fingerprint_sha256": "Kav2FLKHDtcN8RIl6a4gaOMHTrmEWuJSwgZOMc6f6KE=", + "hpkp_pin": "pqyh7JgJzFtIIf+dKcXr5lGWC5Gx8ZzIm1Xvh4GKlQk=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-10-27T23:59:59", + "not_valid_before": "2021-10-27T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 22276216966283030678055450622429095259655482490801253859521388339587092043916960592293828501663092481444939036256933327788743707040341446186460580053972979131138573354545656566555913653054072564319924976938875745449848947009029792492804775145074960290227009479767679347927002336194892590128735938801262210422876350625989065935462395638218473700563621332998057220860942397070674003249654537033377227233962202262589488761550454921292328524235889492104187696547138887099864380496004638641698264065011383194643805299801245131763147533900478336257180018486034010809849631779268436440252990514941880172279259846725814122663 + }, + "serial_number": 17520911571050801944888693256974784303, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=revoked.badssl.com", + "value": "revoked.badssl.com" + } + ], + "rfc4514_string": "CN=revoked.badssl.com" + }, + "subject_alternative_name": { + "dns": ["revoked.badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgIQB5g2A63jmQghnKAMJ7yKbDANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA3MTYxMjI1MjdaFw0yMzA1MzEyMzU5NTlaMFkxCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKlJhcGlkU1NMIFRMUyBE\nViBSU0EgTWl4ZWQgU0hBMjU2IDIwMjAgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANpuQ1VVmXvZlaJmxGVYotAMFzoApohbJAeNpzN+49LbgkrM\nLv2tblII8H43vN7UFumxV7lJdPwLP22qa0sV9cwCr6QZoGEobda+4pufG0aSfHQC\nQhulaqKpPcYYOPjTwgqJA84AFYj8l/IeQ8n01VyCurMIHA478ts2G6GGtEx0ucnE\nfV2QHUL64EC2yh7ybboo5v8nFWV4lx/xcfxoxkFTVnAIRgHrH2vUdOiV9slOix3z\n5KPs2rK2bbach8Sh5GSkgp2HRoS/my0tCq1vjyLJeP0aNwPd3rk5O8LiffLev9j+\nUKZo0tt0VvTLkdGmSN4h1mVY6DnGfOwp1C5SK0MCAwEAAaOCAgswggIHMB0GA1Ud\nDgQWBBSkjeW+fHnkcCNtLik0rSNY3PUxfzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw\no+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG\nCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3\noDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v\ndENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0\nR2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsG\nAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcC\nAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNj\nZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBh\ndCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUA\nA4IBAQAi49xtSOuOygBycy50quCThG45xIdUAsQCaXFVRa9asPaB/jLINXJL3qV9\nJ0Gh2bZM0k4yOMeAMZ57smP6JkcJihhOFlfQa18aljd+xNc6b+GX6oFcCHGr+gsE\nyPM8qvlKGxc5T5eHVzV6jpjpyzl6VEKpaxH6gdGVpQVgjkOR9yY9XAUlFnzlOCpq\nsm7r2ZUKpDfrhUnVzX2nSM15XSj48rVBBAnGJWkLPijlACd3sWFMVUiKRz1C5PZy\nel2l7J/W4d99KFLSYgoy5GDmARpwLc//fXfkr40nMY8ibCmxCsjXQTe0fJbtrrLL\nyWQlk9VDV296EI/kQOJNLVEkJ54P\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "m9CKWIdvbISdtruZqLGUiSZHhg4=", + "fingerprint_sha256": "5vpISoWJQNEBl4VVRUqkZlMatsSrxK0rAAYmqqwNBPk=", + "hpkp_pin": "48hXNwn3laJAzsrIBprOcewUb097BGNL7e+MVM7Rcis=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-05-31T23:59:59", + "not_valid_before": "2020-07-16T12:25:27", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27574323204680624563828232751587726221614248135444919305107192432358158712885634902023526263476568000548956635892871232119825117569958181507625421723755440661659655382171341195513888591832987804080918992434260104963355485317095112178389837324188942874283181495696976630686075061284801124642200510841127304555323615001583090401892633316318617318068397987391334692735182696642811398335455679721283673797613937064201001202434279028751316590484836668909354002102995942171354622174974635705425910250149774710777862545946917761383109590429482046753677126173529497505985521767736455487435900636821013875344068916182447696707 + }, + "serial_number": 10094920634610845175072226827329899116, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", + "value": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" + } + ], + "rfc4514_string": "CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + } + ], + "hostname_used_for_server_name_indication": "revoked.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BEpXiKJwjqhsWQHniNC+thgnljkYyRazaMTx2GVlF6E1llFXjMtlPOMoA09vl7FdAZs01t3vrKtD22cdp2xXWWA=", - "size": 256, - "type_name": "ECDH", - "x": "SleIonCOqGxZAeeI0L62GCeWORjJFrNoxPHYZWUXoTU=", - "y": "llFXjMtlPOMoA09vl7FdAZs01t3vrKtD22cdp2xXWWA=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BK1hIQm0I88yfPZH7l7PJl1IX+I+anftL5Mcm8eYURd9wbngclbU8wvE2uD8uoKE7DWDVDcCrRVsu0d8V2HIQF8=", - "size": 256, - "type_name": "ECDH", - "x": "rWEhCbQjzzJ89kfuXs8mXUhf4j5qd+0vkxybx5hRF30=", - "y": "wbngclbU8wvE2uD8uoKE7DWDVDcCrRVsu0d8V2HIQF8=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BEMAGTLxGf4sKuyhzPwec3YLFi3DwlKa6owNbFXD6w0NDFIn9tcEO4wBtvQ3eLmJJ7ROxgkEytkl0QiykiwyUss=", - "size": 256, - "type_name": "ECDH", - "x": "QwAZMvEZ/iwq7KHM/B5zdgsWLcPCUprqjA1sVcPrDQ0=", - "y": "DFIn9tcEO4wBtvQ3eLmJJ7ROxgkEytkl0QiykiwyUss=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "HaE+A11+7zzYtZGPyX6Zicx4QziokQY/ieYkWYEQo63y+UNblROOtRA8mP+jai+1Tu6OKzBtjFuFRCJkPnV/nKtq4iTmXVBzrZGFY5qUf59R4JU9SbCY3ntk0Ll2lczIOXfuT7a79oyoDXoTpVIUvuRXpQL2EaU9KtXoTbQi+sF9jwNwZCmHpdNE9jVQvUrlnwQoN0QTRs9pLQn+o/68kKTsSXo9eq4/K3ePJ0Gn3z1Jjilbt1AFKZ8zXPzv3Q1EP3PL2gd0MCVsz9cQ28bEZhVkjFgyaudR5Akt/Vm2U6fZSMbmH1DqEDIC4UV0q0v8QRQE1iSXYgooqF4cmhzOFg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Zka2TVvYSTMFsi0B1rIluIFrSwqyIfBiJsqmhJqEDEtxbogCZ5QajJhlOYEbNkKTCx3A1994DEvBey9W2quj3nWwYegWqsSIhi6z9yy2wl23upX/3R4pOmGftL4ANIEQcpZWZg9+EgVtaXr5NxjD5f62zvX2ypuRN18PfLZsczCt2C3Jruyhrpf+XFr0UfwopvrD0pysPHnyQeVx0rrIYWluzkaptPDhiUKxlNLxFeXCgPs9EXz25xloGgXSAyV4i7X6A7OwHUzckAe4L9w1Wh4UreKRQs2eDJLgCqegePOFm11ddFG5CthM1LdmVSC0gD+MZmpl2E66hl7jUupB8g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "aqxJKtU7na46CIaNSqU7VHHvHNKyzsc/XwVuy7q/fu7W5poHP0fXOaz3IyJLb/b6N1ZiiavV7VMC+WZgG+04oHTp+0lYEf1rChPTvnGBJy/JADAnTEmOhSrOpvT2SeOZyo0yV0MJZCXxUlkqP9pdl42S77vUtDoHFtN/FmoDpGd7dp92h+VDwLZ9Dq6uo44UOqoEXMYFT+j/eHBsb2bA6j5/53MoXvrNg+3a+4wWrjiJZF/0EglhfWv5moMnTbDZfv3kqVwDkEH5xB3Xq902GRofTmE5MJ6AClT5is3PObGNO4b1fhmebYkIISb6nYGbGx7/6S4ECDi7Gv/F3fM4GQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "NUYq8lC9eom2xtuRDotXyDKi5FTLmBbmCg9SBYZqGsxk/DYkusun9JHZ4Tt9z7qQJztV8ytz3vSS2d5GLLjVFMtqAwt+9oGBoz8x+B95+gGliGmJaHB2wHQYpybXTyfw75AyAlhkoEyfXlxRLduJQYCkpRAzBD1rV8lKdqUW3JKMkwpnE4phiblYNk3QEDJlrj+FoBJFGRgB9g3MuXz6pxBm/0P7SqmJs0RTR1JrIjObfVERzM+QVL5K0ZvZp2aFXXitufsIfW4KOhC0f7pdjsi/aAW9QMPg0HQYJEZeACR3fKW2++flridpIB1TZ14eqLoDGwrAQLdchIxhEsz/xQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BH9EfNvFiYgivKDeniuHTT3A8yN9gcPyYQZ1hvZA+TbDNgFtR58cPOTBwLh1tRpNKyBQrkZs2cnK16NVkkRbcIs=", - "size": 256, - "type_name": "ECDH", - "x": "f0R828WJiCK8oN6eK4dNPcDzI32Bw/JhBnWG9kD5NsM=", - "y": "NgFtR58cPOTBwLh1tRpNKyBQrkZs2cnK16NVkkRbcIs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BOLCcP+OJC4TqPKd2Yg5RqrtjnLX5eOqVrr2AGLQZYkkgknpFthxJHZvb1GTnw8wK2ojPCuM7n8gMTe8gPjeI1k=", - "size": 256, - "type_name": "ECDH", - "x": "4sJw/44kLhOo8p3ZiDlGqu2Octfl46pWuvYAYtBliSQ=", - "y": "gknpFthxJHZvb1GTnw8wK2ojPCuM7n8gMTe8gPjeI1k=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKtijCasn3qYIK+sqRmuD0aCe6F8PkyrVl+ArzTKCvddrw+zKx59XFYxdUGdk0t3Z0oVqd4qe9TdhEi+N4MaRXg=", - "size": 256, - "type_name": "ECDH", - "x": "q2KMJqyfepggr6ypGa4PRoJ7oXw+TKtWX4CvNMoK910=", - "y": "rw+zKx59XFYxdUGdk0t3Z0oVqd4qe9TdhEi+N4MaRXg=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BPyM2SlrALjPiftGK6XoYYauWoV65vaf2feu9OFWmohSSSYV2YDNBY/w8/CXz5JhPtYS1GleNRTA4OIumN6htmU=", - "size": 256, - "type_name": "ECDH", - "x": "/IzZKWsAuM+J+0Yrpehhhq5ahXrm9p/Z96704VaaiFI=", - "y": "SSYV2YDNBY/w8/CXz5JhPtYS1GleNRTA4OIumN6htmU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BGy3sdA5b2LFBj2FyUYMnysMl+Ais1c3vi/Ld5EEwSM4YlXC9gBDD1PjMMAqiuLyESlGI+/14l+OPccP9/2EGvs=", - "size": 256, - "type_name": "ECDH", - "x": "bLex0DlvYsUGPYXJRgyfKwyX4CKzVze+L8t3kQTBIzg=", - "y": "YlXC9gBDD1PjMMAqiuLyESlGI+/14l+OPccP9/2EGvs=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BIZKGog2cc9NSi+Eo82B3pR5+jWZYckB8ChDD44lL1NLAd3uVO4YQjU66w+COvjk3tlMlTcBgZyntYLv7W9iul8=", - "size": 256, - "type_name": "ECDH", - "x": "hkoaiDZxz01KL4SjzYHelHn6NZlhyQHwKEMPjiUvU0s=", - "y": "Ad3uVO4YQjU66w+COvjk3tlMlTcBgZyntYLv7W9iul8=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKZXc85vUDDxQ5wcDRZgb+URdJxY7M61qQdKLhzTqSgpZ1p61YRvwEfku9WcXeNykdU3lLBq0HZJAXdeibjbIis=", - "size": 256, - "type_name": "ECDH", - "x": "pldzzm9QMPFDnBwNFmBv5RF0nFjszrWpB0ouHNOpKCk=", - "y": "Z1p61YRvwEfku9WcXeNykdU3lLBq0HZJAXdeibjbIis=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "VSVJMehwaSAyXlr93hFhujh+PmL5+Znc/dGvCGatsWGMW5UV8jyP0N7c9Ogh+A4GqzYtlCOOEUUVrcwcyba7ogl+mDuutvvLKWMLFC0tD6q50gt6ZL11Xgx7K1yCZfttzOo0uFOHwuxfn8kSZKY3WCuMgbUUXrjNTvZJqQ2w4xsmtmXOTU1yV9qHTF72JenLgBLAVYFyK6lFBAwbGIDjE5JP7XdjTEJChT+Bb2kSJ2pGXTZnfEXswP4aobNypMmn8L/1ihbdtVRsRdRiRUo+04YIkDn0Mk9ge6fRBGUu8E79QYciFk/biTEFJTWyWPt3TTLdNlucjLXchzEHDSum7Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "OJZ5XTgx0SgOVipwZs6lAwrP9A2h79QabzuqjsAkqv+GNqh9pFZchF0oKajtCBbEY57dZ2Sk/NA46vtdgDFjpl14n/mtoMhR+FRLc7+hXnjjKEnBaupsQDSOeuxFGH+V1aD7QAJmYGziRFmcp66vuixhyMmyJEseeu6o8mOoH53A+lexSII3AZcxUJIomUAcUN1Sdr0zQ5xYSGS6wiKQyRS7uFBdoTBhvunDZ4wdKRkrvpaYPd9/Ishji3G7e4yfHGm4/gXNC04/k8W3JGJlyF3N0VyVEl3R4YHFxFrQcaEywskcjwLxtgh5ZPusyfIK/xLq0dfF5LkEmfYVJ6xiQg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "R8qYkVcr3TKPPcsu0U3pNgQZrWqy0Wp7mMKGeYFNF0H8Vyi2K7Qgef/CSL9Dd6RkZC9PAASlD8XFwv44/ULIt3xw4Vq5Wd74NXekUP/4NLz5SjG4Fv6cZS9aXUV8h+QwqVRgruQFoYbXqJmN1X1BZbf+zuVbOfpqzjzsKQTlX4omDQu5AfWiE3xsc8G68lLieLyW92OLu4uSOAYe8+OWqNrR9cB35PoMAHEmgKPiLy3xCvMy6y5R969VyhoKPm1QTc2LWrqpowg36wDaTk6LlsPSUQsN4TlXhFIrrMdbdnNVFVxefSLWe8x0tcb1nZ6EmdBXQV/zoi/5jRyS7A92nA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "QEfXoptvUfDpC4HWtWt+25EZxmmG5rs6C+VdFiwqYTxF6eeCtT6R9nsWFS8hRhxr8kmOGSwLx5H1kthUsybbmyvYRXM3uklHrtN0otRRcfj16bO/BXVf4gVHCeKpLDucKT60ngqqKk08PPEZg1+DBqu/oCmOvq+lwqJjEKFsYfg2GCwL8cPw874TI+kysD7C55waNa4zeghpAvcikgPefmyquaDSXQoMX0BDrKAkW3G52FG/sZqo6HhzrJx10ycU9klEUOMnToMcrKDlPlnOfKob08/YnPL3VHPJZqp6yd/zPZIH5iDHkCUWg2PwctbJ1n9NgCFDuA9jOk5JqoFkig==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "pvw9BUf2amHdtpk2myCOxblQzZ+N6ezMKvZYOPP7Dz+zEscZVv1w9jT295tEK9KFDucDJ7QdB1tm7Il8OS0lTM6gt8/LvHZn3PBVPWGaaJI+g15u9pYvot/uK6XjvMrRMPl6PQeECNhhifL37th+8IXsrp6O02jPQG7N28LWNIvwrrhMG4CZFsigineG/IEIgHQwSKimJJxQOF0qbzb4B1sSn51t3iPKfYBjEQ76vJ+rjfpnKXmqRruozkFQriys+tYLihq8nM7i30RrnAzk5aPg7dtFRZ2uTkkMM+pGZtpBIKMDITXAXa2GE7xm6viLQItFfRqliBAhODBUZCV2Yg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Tb3enWXMJJ25Y8YsMajNQ95cR9SYKCoHKYYWCQID+MVNWoPrPxTxhpX87Qes0fqDye/pA0fxWN3rSV++RVSBagJ7quT7Z1BVUnBOnjRqwNe5VJOYwqCrmIGjomuhR+T34Yb/Qkdg1z4dlMEv7unGxthc/o5ZcRbK5r9FKsZ1D+Pod3tQgG8brdqjPf6zFNsTj9oKbxAXzHb7CWafOGw+v40j4rowZ0wRUnRHPNNf/w8fO0a/aj3+ef3Of9MFmMxtGU49hOt2Ez4Wvl1MQe4jNz9v6oZNiSaf1v5CSB53itD7IGmFm6qgazj2+yEt0YpurY4kh7vEAS9X2D1VC6AKvg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "GsNbJSUsOSWQAW+GB27M5o2uf2qwfH6jN25jt5/pw45kKWpvYnH8K//ca8/HS9VGcKPZ1rryGSelROrKh6vvyytBtFlUIykTgVWcZ/GCbggrq3jBe8ByabOUAgZYuTKM2QugfY2jIFvx0H5mFeurET6HBx+1++j0QQaxkvBOzYWDedGPiYmvfWc0H+uyfVrQNDGgJJ8p1eC8fXHjFafRY3IPGHOOhu6DW3Xm5BBpbBbGfpvH/KDItvNz7BjPin90wy6ziFyGO1BD9+tP44BezRqar3SFMKfnnTWX9fOoENrCGVJJDBTKnAcP1j+PeeimplpVmTBNiM717S0Lfxtq2g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "OS6ZH0iITMLN4WZUn+aqUTJsVu7kNqyaWI3LeSj4A/o/UzzWnSvUaF/lhUZsyZW3ntOUh3miS8NXmoD+aR+Uqm0A6UYNqpezLmwljISg30NFuFwSc0wx9Gx1/YzpBFRfUcG0DmJ2qTLU9AXryiYEmk9f35m/gUr8UM/RBkiDT/yfN/8rpU6SM0A+7IbAkupXbmHduXrvf0F06a2pMDh5WD2goORjAwb+sIbEQuEjuxL3OV7MzubHx276t+8CQm5XQTDc9+Eja11tz67An4cgdEbGDZp1NISDUFUAgor5dpw/mBeYHB85kTrXqgQ+4YFh77TphkACKPrkN+mVRnpWkg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "Connection to server timed out during the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" - }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" - }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCm1CDxgix97tXtSsepnlzB4TAmVp7aqyEJjjbKNGto2OYQClBqNcNiJHLdW6wU6zYcBmXCi7Z3Z7c9EIsA+Pmw=", + "size": 256, + "type_name": "ECDH", + "x": "KbUIPGCLH3u1e1Kx6meXMHhMCZWntqrIQmONso0a2jY=", + "y": "OYQClBqNcNiJHLdW6wU6zYcBmXCi7Z3Z7c9EIsA+Pmw=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BFMVPrOQwmvHwntE1n19GRiUfCps4Yy7jbdx9FYHfV/+xoX8XyqHORDKx3bM134hjGqoo3uqNYgzMUfM/KbkWW0=", + "size": 256, + "type_name": "ECDH", + "x": "UxU+s5DCa8fCe0TWfX0ZGJR8KmzhjLuNt3H0Vgd9X/4=", + "y": "xoX8XyqHORDKx3bM134hjGqoo3uqNYgzMUfM/KbkWW0=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMOeTbWgf7k8Db/judjSti8TaqIo3/56iqz+7/lfoxp9pZpOQCSIL/2RIwpy+cZDFkl5cxMOfjN0H4Uv6IDWR9Q=", + "size": 256, + "type_name": "ECDH", + "x": "w55NtaB/uTwNv+O52NK2LxNqoijf/nqKrP7v+V+jGn0=", + "y": "pZpOQCSIL/2RIwpy+cZDFkl5cxMOfjN0H4Uv6IDWR9Q=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "SUNh1g1ca2vo9yaolpgxsK5tOIasMDx7LgFMQEsP1VfYuWtoDqn8SaK3B30eJl8z0PEwC/6bdxFDbMnGkQ4pdlX5uLres3/vloQX13Dn5IhxFdIzIPYhhxxa+yVbErnMHD8faMa23fOjlxkfkbND63iOgrC/zxBuCXnArqwJqhm+t+XQh+qdM3G7qT5JOv/nelx5JksWkBo9Cz4mV9MgJOF8xNW16pNBtC73CiDxPxJtKcBPVzj6OhYVMJw+NB6MP0jSD5o5vKo7e20gYoP3msO6l8MoZdquS3xU/CWRMlWOpGn7fFszgAczIxpGIYm1JhpVQoSuu7mfmwJvgfBxeA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "jDl/DZTL+89gZQYiqlgveTMz4zxAPt+w1QucvkxAw9rialenm8tAAjW2rmJq6O1R7DziDXoDmjDauVBgpRkSCN/HgcyLQTjhaqa4gBF9dT5UcIIKZRbjnHrlfAbPmM5GiiVmUgzfOEuG5fDnTbDAnf8WkVtDctmIai+cbi1kQBQWhZi8gWjhU13vUnRJt7RY1Cg08lzZhPcKpeS7EFIK8YqZWWPq9UHoSP4HI49F2pHtE2Gt6SPTomGfP7QFlQeEhwAnu00IwigpAr0qx3HiQzIHiVXgSrHMbaiW4oOYRJCkOv7pO4VVGFZToPMi+35ycXMFfgRWODWTh+6E76IVJw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "ZrbEZ1f3Dw+mV395yBzqiggePAweTwxZ9qDk3TYBq+iuSnlxDSE9rPy9c2Z0l0qs49zF3hOkoZxQqT/oQXuldkxXbP1cwWUDfXLvvJBRlAb2RNdDtHpYan0xMtb6BkCjsZ5EYI/PxsVq8pAqtASpj7UJn1be+MjvwtNR0i4ETGdrsD+XjDF8P8illYQ98vTvLdvHoqfID5+qKOkOnxLQVNLJ6NacbTeTNnX79Sh8U6fLh0Tb66jynb1rRZjdW3BjS0cpy97I/79hRsXfu2J/ANHi/hV8nEhV1LEVfD2ONJzdtJ0BIJJ0axizCVVYkesArEaSotAHCY5EvufITtD92g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "bzVffvBaFT9rPB5pS7WJPnn/A5chS8QogiyF2hawQ7pIwMIoEbqhkXsSJPbaKCfGlx+4SfrWuyyK6Kv0lGUsC4jVIX536dVoDhZU0oW5CEdvjwLq9ySE39vXZPb1xHRTvhRQcRJr72REqP5cG7iU+4sng3XMrm4VJ7gvBtVYgPnOcb9IgQbu3Y/HrtMXbQvO9gnA5RairT28OEuBXXN4WI5bcKZNvizmOpV3t+He8iqsk0fzzd+R/7XftunCndQbHpJB7XcT0/ce53mB85nS09XSJTzshQ8ndj0sO6X3DrohTv+8eMsMvRe6CSYwS1en54p/tl4jnKRPFAz4iI6QRQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BEpXiKJwjqhsWQHniNC+thgnljkYyRazaMTx2GVlF6E1llFXjMtlPOMoA09vl7FdAZs01t3vrKtD22cdp2xXWWA=", + "size": 256, + "type_name": "ECDH", + "x": "SleIonCOqGxZAeeI0L62GCeWORjJFrNoxPHYZWUXoTU=", + "y": "llFXjMtlPOMoA09vl7FdAZs01t3vrKtD22cdp2xXWWA=" } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "revoked.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "8cffa1d2-49a0-4d86-99d2-1c76ff515688" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BK1hIQm0I88yfPZH7l7PJl1IX+I+anftL5Mcm8eYURd9wbngclbU8wvE2uD8uoKE7DWDVDcCrRVsu0d8V2HIQF8=", + "size": 256, + "type_name": "ECDH", + "x": "rWEhCbQjzzJ89kfuXs8mXUhf4j5qd+0vkxybx5hRF30=", + "y": "wbngclbU8wvE2uD8uoKE7DWDVDcCrRVsu0d8V2HIQF8=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BEMAGTLxGf4sKuyhzPwec3YLFi3DwlKa6owNbFXD6w0NDFIn9tcEO4wBtvQ3eLmJJ7ROxgkEytkl0QiykiwyUss=", + "size": 256, + "type_name": "ECDH", + "x": "QwAZMvEZ/iwq7KHM/B5zdgsWLcPCUprqjA1sVcPrDQ0=", + "y": "DFIn9tcEO4wBtvQ3eLmJJ7ROxgkEytkl0QiykiwyUss=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "HaE+A11+7zzYtZGPyX6Zicx4QziokQY/ieYkWYEQo63y+UNblROOtRA8mP+jai+1Tu6OKzBtjFuFRCJkPnV/nKtq4iTmXVBzrZGFY5qUf59R4JU9SbCY3ntk0Ll2lczIOXfuT7a79oyoDXoTpVIUvuRXpQL2EaU9KtXoTbQi+sF9jwNwZCmHpdNE9jVQvUrlnwQoN0QTRs9pLQn+o/68kKTsSXo9eq4/K3ePJ0Gn3z1Jjilbt1AFKZ8zXPzv3Q1EP3PL2gd0MCVsz9cQ28bEZhVkjFgyaudR5Akt/Vm2U6fZSMbmH1DqEDIC4UV0q0v8QRQE1iSXYgooqF4cmhzOFg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Zka2TVvYSTMFsi0B1rIluIFrSwqyIfBiJsqmhJqEDEtxbogCZ5QajJhlOYEbNkKTCx3A1994DEvBey9W2quj3nWwYegWqsSIhi6z9yy2wl23upX/3R4pOmGftL4ANIEQcpZWZg9+EgVtaXr5NxjD5f62zvX2ypuRN18PfLZsczCt2C3Jruyhrpf+XFr0UfwopvrD0pysPHnyQeVx0rrIYWluzkaptPDhiUKxlNLxFeXCgPs9EXz25xloGgXSAyV4i7X6A7OwHUzckAe4L9w1Wh4UreKRQs2eDJLgCqegePOFm11ddFG5CthM1LdmVSC0gD+MZmpl2E66hl7jUupB8g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "aqxJKtU7na46CIaNSqU7VHHvHNKyzsc/XwVuy7q/fu7W5poHP0fXOaz3IyJLb/b6N1ZiiavV7VMC+WZgG+04oHTp+0lYEf1rChPTvnGBJy/JADAnTEmOhSrOpvT2SeOZyo0yV0MJZCXxUlkqP9pdl42S77vUtDoHFtN/FmoDpGd7dp92h+VDwLZ9Dq6uo44UOqoEXMYFT+j/eHBsb2bA6j5/53MoXvrNg+3a+4wWrjiJZF/0EglhfWv5moMnTbDZfv3kqVwDkEH5xB3Xq902GRofTmE5MJ6AClT5is3PObGNO4b1fhmebYkIISb6nYGbGx7/6S4ECDi7Gv/F3fM4GQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "NUYq8lC9eom2xtuRDotXyDKi5FTLmBbmCg9SBYZqGsxk/DYkusun9JHZ4Tt9z7qQJztV8ytz3vSS2d5GLLjVFMtqAwt+9oGBoz8x+B95+gGliGmJaHB2wHQYpybXTyfw75AyAlhkoEyfXlxRLduJQYCkpRAzBD1rV8lKdqUW3JKMkwpnE4phiblYNk3QEDJlrj+FoBJFGRgB9g3MuXz6pxBm/0P7SqmJs0RTR1JrIjObfVERzM+QVL5K0ZvZp2aFXXitufsIfW4KOhC0f7pdjsi/aAW9QMPg0HQYJEZeACR3fKW2++flridpIB1TZ14eqLoDGwrAQLdchIxhEsz/xQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BH9EfNvFiYgivKDeniuHTT3A8yN9gcPyYQZ1hvZA+TbDNgFtR58cPOTBwLh1tRpNKyBQrkZs2cnK16NVkkRbcIs=", + "size": 256, + "type_name": "ECDH", + "x": "f0R828WJiCK8oN6eK4dNPcDzI32Bw/JhBnWG9kD5NsM=", + "y": "NgFtR58cPOTBwLh1tRpNKyBQrkZs2cnK16NVkkRbcIs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BOLCcP+OJC4TqPKd2Yg5RqrtjnLX5eOqVrr2AGLQZYkkgknpFthxJHZvb1GTnw8wK2ojPCuM7n8gMTe8gPjeI1k=", + "size": 256, + "type_name": "ECDH", + "x": "4sJw/44kLhOo8p3ZiDlGqu2Octfl46pWuvYAYtBliSQ=", + "y": "gknpFthxJHZvb1GTnw8wK2ojPCuM7n8gMTe8gPjeI1k=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKtijCasn3qYIK+sqRmuD0aCe6F8PkyrVl+ArzTKCvddrw+zKx59XFYxdUGdk0t3Z0oVqd4qe9TdhEi+N4MaRXg=", + "size": 256, + "type_name": "ECDH", + "x": "q2KMJqyfepggr6ypGa4PRoJ7oXw+TKtWX4CvNMoK910=", + "y": "rw+zKx59XFYxdUGdk0t3Z0oVqd4qe9TdhEi+N4MaRXg=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BPyM2SlrALjPiftGK6XoYYauWoV65vaf2feu9OFWmohSSSYV2YDNBY/w8/CXz5JhPtYS1GleNRTA4OIumN6htmU=", + "size": 256, + "type_name": "ECDH", + "x": "/IzZKWsAuM+J+0Yrpehhhq5ahXrm9p/Z96704VaaiFI=", + "y": "SSYV2YDNBY/w8/CXz5JhPtYS1GleNRTA4OIumN6htmU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BGy3sdA5b2LFBj2FyUYMnysMl+Ais1c3vi/Ld5EEwSM4YlXC9gBDD1PjMMAqiuLyESlGI+/14l+OPccP9/2EGvs=", + "size": 256, + "type_name": "ECDH", + "x": "bLex0DlvYsUGPYXJRgyfKwyX4CKzVze+L8t3kQTBIzg=", + "y": "YlXC9gBDD1PjMMAqiuLyESlGI+/14l+OPccP9/2EGvs=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BIZKGog2cc9NSi+Eo82B3pR5+jWZYckB8ChDD44lL1NLAd3uVO4YQjU66w+COvjk3tlMlTcBgZyntYLv7W9iul8=", + "size": 256, + "type_name": "ECDH", + "x": "hkoaiDZxz01KL4SjzYHelHn6NZlhyQHwKEMPjiUvU0s=", + "y": "Ad3uVO4YQjU66w+COvjk3tlMlTcBgZyntYLv7W9iul8=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKZXc85vUDDxQ5wcDRZgb+URdJxY7M61qQdKLhzTqSgpZ1p61YRvwEfku9WcXeNykdU3lLBq0HZJAXdeibjbIis=", + "size": 256, + "type_name": "ECDH", + "x": "pldzzm9QMPFDnBwNFmBv5RF0nFjszrWpB0ouHNOpKCk=", + "y": "Z1p61YRvwEfku9WcXeNykdU3lLBq0HZJAXdeibjbIis=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "VSVJMehwaSAyXlr93hFhujh+PmL5+Znc/dGvCGatsWGMW5UV8jyP0N7c9Ogh+A4GqzYtlCOOEUUVrcwcyba7ogl+mDuutvvLKWMLFC0tD6q50gt6ZL11Xgx7K1yCZfttzOo0uFOHwuxfn8kSZKY3WCuMgbUUXrjNTvZJqQ2w4xsmtmXOTU1yV9qHTF72JenLgBLAVYFyK6lFBAwbGIDjE5JP7XdjTEJChT+Bb2kSJ2pGXTZnfEXswP4aobNypMmn8L/1ihbdtVRsRdRiRUo+04YIkDn0Mk9ge6fRBGUu8E79QYciFk/biTEFJTWyWPt3TTLdNlucjLXchzEHDSum7Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "OJZ5XTgx0SgOVipwZs6lAwrP9A2h79QabzuqjsAkqv+GNqh9pFZchF0oKajtCBbEY57dZ2Sk/NA46vtdgDFjpl14n/mtoMhR+FRLc7+hXnjjKEnBaupsQDSOeuxFGH+V1aD7QAJmYGziRFmcp66vuixhyMmyJEseeu6o8mOoH53A+lexSII3AZcxUJIomUAcUN1Sdr0zQ5xYSGS6wiKQyRS7uFBdoTBhvunDZ4wdKRkrvpaYPd9/Ishji3G7e4yfHGm4/gXNC04/k8W3JGJlyF3N0VyVEl3R4YHFxFrQcaEywskcjwLxtgh5ZPusyfIK/xLq0dfF5LkEmfYVJ6xiQg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "R8qYkVcr3TKPPcsu0U3pNgQZrWqy0Wp7mMKGeYFNF0H8Vyi2K7Qgef/CSL9Dd6RkZC9PAASlD8XFwv44/ULIt3xw4Vq5Wd74NXekUP/4NLz5SjG4Fv6cZS9aXUV8h+QwqVRgruQFoYbXqJmN1X1BZbf+zuVbOfpqzjzsKQTlX4omDQu5AfWiE3xsc8G68lLieLyW92OLu4uSOAYe8+OWqNrR9cB35PoMAHEmgKPiLy3xCvMy6y5R969VyhoKPm1QTc2LWrqpowg36wDaTk6LlsPSUQsN4TlXhFIrrMdbdnNVFVxefSLWe8x0tcb1nZ6EmdBXQV/zoi/5jRyS7A92nA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "QEfXoptvUfDpC4HWtWt+25EZxmmG5rs6C+VdFiwqYTxF6eeCtT6R9nsWFS8hRhxr8kmOGSwLx5H1kthUsybbmyvYRXM3uklHrtN0otRRcfj16bO/BXVf4gVHCeKpLDucKT60ngqqKk08PPEZg1+DBqu/oCmOvq+lwqJjEKFsYfg2GCwL8cPw874TI+kysD7C55waNa4zeghpAvcikgPefmyquaDSXQoMX0BDrKAkW3G52FG/sZqo6HhzrJx10ycU9klEUOMnToMcrKDlPlnOfKob08/YnPL3VHPJZqp6yd/zPZIH5iDHkCUWg2PwctbJ1n9NgCFDuA9jOk5JqoFkig==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "pvw9BUf2amHdtpk2myCOxblQzZ+N6ezMKvZYOPP7Dz+zEscZVv1w9jT295tEK9KFDucDJ7QdB1tm7Il8OS0lTM6gt8/LvHZn3PBVPWGaaJI+g15u9pYvot/uK6XjvMrRMPl6PQeECNhhifL37th+8IXsrp6O02jPQG7N28LWNIvwrrhMG4CZFsigineG/IEIgHQwSKimJJxQOF0qbzb4B1sSn51t3iPKfYBjEQ76vJ+rjfpnKXmqRruozkFQriys+tYLihq8nM7i30RrnAzk5aPg7dtFRZ2uTkkMM+pGZtpBIKMDITXAXa2GE7xm6viLQItFfRqliBAhODBUZCV2Yg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Tb3enWXMJJ25Y8YsMajNQ95cR9SYKCoHKYYWCQID+MVNWoPrPxTxhpX87Qes0fqDye/pA0fxWN3rSV++RVSBagJ7quT7Z1BVUnBOnjRqwNe5VJOYwqCrmIGjomuhR+T34Yb/Qkdg1z4dlMEv7unGxthc/o5ZcRbK5r9FKsZ1D+Pod3tQgG8brdqjPf6zFNsTj9oKbxAXzHb7CWafOGw+v40j4rowZ0wRUnRHPNNf/w8fO0a/aj3+ef3Of9MFmMxtGU49hOt2Ez4Wvl1MQe4jNz9v6oZNiSaf1v5CSB53itD7IGmFm6qgazj2+yEt0YpurY4kh7vEAS9X2D1VC6AKvg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "GsNbJSUsOSWQAW+GB27M5o2uf2qwfH6jN25jt5/pw45kKWpvYnH8K//ca8/HS9VGcKPZ1rryGSelROrKh6vvyytBtFlUIykTgVWcZ/GCbggrq3jBe8ByabOUAgZYuTKM2QugfY2jIFvx0H5mFeurET6HBx+1++j0QQaxkvBOzYWDedGPiYmvfWc0H+uyfVrQNDGgJJ8p1eC8fXHjFafRY3IPGHOOhu6DW3Xm5BBpbBbGfpvH/KDItvNz7BjPin90wy6ziFyGO1BD9+tP44BezRqar3SFMKfnnTWX9fOoENrCGVJJDBTKnAcP1j+PeeimplpVmTBNiM717S0Lfxtq2g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "OS6ZH0iITMLN4WZUn+aqUTJsVu7kNqyaWI3LeSj4A/o/UzzWnSvUaF/lhUZsyZW3ntOUh3miS8NXmoD+aR+Uqm0A6UYNqpezLmwljISg30NFuFwSc0wx9Gx1/YzpBFRfUcG0DmJ2qTLU9AXryiYEmk9f35m/gUr8UM/RBkiDT/yfN/8rpU6SM0A+7IbAkupXbmHduXrvf0F06a2pMDh5WD2goORjAwb+sIbEQuEjuxL3OV7MzubHx276t+8CQm5XQTDc9+Eja11tz67An4cgdEbGDZp1NISDUFUAgor5dpw/mBeYHB85kTrXqgQ+4YFh77TphkACKPrkN+mVRnpWkg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "Connection to server timed out during the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "revoked.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "8cffa1d2-49a0-4d86-99d2-1c76ff515688" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/self-signed.badssl.com.json b/scanners/sslyze/parser/__testFiles__/self-signed.badssl.com.json index 504d0aea5c..1a739c9f0c 100644 --- a/scanners/sslyze/parser/__testFiles__/self-signed.badssl.com.json +++ b/scanners/sslyze/parser/__testFiles__/self-signed.badssl.com.json @@ -1,4615 +1,4612 @@ { - "date_scans_completed": "2021-12-22T12:57:56.762266", - "date_scans_started": "2021-12-22T12:57:01.196445", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "self-signed.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 0, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": "self signed certificate", - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate", - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate", - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate", - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate", - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDeTCCAmGgAwIBAgIJAMnA8BB8xT6wMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp\nc2NvMQ8wDQYDVQQKDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTAeFw0y\nMTEwMTEyMDAzNTRaFw0yMzEwMTEyMDAzNTRaMGIxCzAJBgNVBAYTAlVTMRMwEQYD\nVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK\nDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2\nPmzAS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMW\nhyefdOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3A\nxPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqve\nww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SY\nQCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaMyMDAwCQYDVR0T\nBAIwADAjBgNVHREEHDAaggwqLmJhZHNzbC5jb22CCmJhZHNzbC5jb20wDQYJKoZI\nhvcNAQELBQADggEBAC4DensZ5tCTeCNJbHABYPwwqLUFOMITKOOgF3t8EqOan0CH\nST1NNi4jPslWrVhQ4Y3UbAhRBdqXl5N/NFfMzDosPpOjFgtifh8Z2s3w8vdlEZzf\nA4mYTC8APgdpWyNgMsp8cdXQF7QOfdnqOfdnY+pfc8a8joObR7HEaeVxhJs+XL4E\nCLByw5FR+svkYgCbQGWIgrM1cRpmXemt6Gf/XgFNP2PdubxqDEcnWlTMk8FCBVb1\nnVDSiPjYShwnWsOOshshCRCAiIBPCKPX0QwKDComQlRrgMIvddaSzFFTKPoNZjC+\nCUspSNnL7V9IIHvqKlRSmu+zIpm2VJCp1xLulk8=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "MD6r1O/jsSnla7VBMkknd9V7cRY=", - "fingerprint_sha256": "/DHMRZ+/om2V9LpDKycnXSREqIocE7bTurmacawYuWw=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "not_valid_after": "2023-10-11T20:03:54", - "not_valid_before": "2021-10-11T20:03:54", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14537883550755405488, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - } - ], - "received_chain_contains_anchor_certificate": null, - "received_chain_has_valid_order": true, - "verified_certificate_chain": null, - "verified_chain_has_legacy_symantec_anchor": null, - "verified_chain_has_sha1_signature": null - } - ], - "hostname_used_for_server_name_indication": "self-signed.badssl.com" + "date_scans_completed": "2021-12-22T12:57:56.762266", + "date_scans_started": "2021-12-22T12:57:01.196445", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "self-signed.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 0, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": "self signed certificate", + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 - } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 - } - ], - "supports_ecdh_key_exchange": true + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate", + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false - }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false - }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate", + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate", + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate", + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "verified_certificate_chain": null, + "was_validation_successful": false + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDeTCCAmGgAwIBAgIJAMnA8BB8xT6wMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV\nBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp\nc2NvMQ8wDQYDVQQKDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTAeFw0y\nMTEwMTEyMDAzNTRaFw0yMzEwMTEyMDAzNTRaMGIxCzAJBgNVBAYTAlVTMRMwEQYD\nVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK\nDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2\nPmzAS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMW\nhyefdOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3A\nxPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqve\nww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SY\nQCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaMyMDAwCQYDVR0T\nBAIwADAjBgNVHREEHDAaggwqLmJhZHNzbC5jb22CCmJhZHNzbC5jb20wDQYJKoZI\nhvcNAQELBQADggEBAC4DensZ5tCTeCNJbHABYPwwqLUFOMITKOOgF3t8EqOan0CH\nST1NNi4jPslWrVhQ4Y3UbAhRBdqXl5N/NFfMzDosPpOjFgtifh8Z2s3w8vdlEZzf\nA4mYTC8APgdpWyNgMsp8cdXQF7QOfdnqOfdnY+pfc8a8joObR7HEaeVxhJs+XL4E\nCLByw5FR+svkYgCbQGWIgrM1cRpmXemt6Gf/XgFNP2PdubxqDEcnWlTMk8FCBVb1\nnVDSiPjYShwnWsOOshshCRCAiIBPCKPX0QwKDComQlRrgMIvddaSzFFTKPoNZjC+\nCUspSNnL7V9IIHvqKlRSmu+zIpm2VJCp1xLulk8=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "MD6r1O/jsSnla7VBMkknd9V7cRY=", + "fingerprint_sha256": "/DHMRZ+/om2V9LpDKycnXSREqIocE7bTurmacawYuWw=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCjyxA9FZUqdfiTOwOAf80F8TJoONTBnjBAYA4Qu/goh+ihCPlXMzJVdQUOrFJVecw812mOzjzlR/uueELYPDL0=", - "size": 256, - "type_name": "ECDH", - "x": "KPLED0VlSp1+JM7A4B/zQXxMmg41MGeMEBgDhC7+CiE=", - "y": "+ihCPlXMzJVdQUOrFJVecw812mOzjzlR/uueELYPDL0=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BIp7gDU5InADOXEDhbD69isO9YDvlfv7Zw1dNxN6Ba9UHg2f300giTCDpTqGjAqwKsAw9EbFX7eI9lrZbK9aBPQ=", - "size": 256, - "type_name": "ECDH", - "x": "inuANTkicAM5cQOFsPr2Kw71gO+V+/tnDV03E3oFr1Q=", - "y": "Hg2f300giTCDpTqGjAqwKsAw9EbFX7eI9lrZbK9aBPQ=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCp1ft6xHZzDkPIw2VJQxAUWHB2lMigqQb1UbTOo5dRI13wqnq0UHM6PmRp+KO1yR4+doZGH0ha3wouxXi+XVqQ=", - "size": 256, - "type_name": "ECDH", - "x": "KnV+3rEdnMOQ8jDZUlDEBRYcHaUyKCpBvVRtM6jl1Eg=", - "y": "13wqnq0UHM6PmRp+KO1yR4+doZGH0ha3wouxXi+XVqQ=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "bWY/K6iPxxUc+2U3e0bSRZCMvRVIEhKa3ELQjiZ93LZqvlHxmjdQOHVhZVuAPT9z4gPYRkjSaJ894PzHdUUxCwz8Pg38Vc47k9o/iQYh2KzixtA19ueThMqJV3udDdvipkNbNVxPn+SJfvYISXWYUvdxx47+4nbVTxSQAQXndlnZ9w2SG1kS/N36jaXfgmPqQApTmNwB/QgFjAtu+LSYWyNBo9d/DZBMAKm7XDjeuM1QXaOzaEj8VrxMBJw0U7+WFg26sdKLpwvV2YyP5mx2o1Q4+/ZAJJZpdzv3Uj2W44xWCTEtGxFUhui3Ko0yt6PAYmXfedVfjCOOp+YE/5a72Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "INz7PPZrUbu3UN9X2cIXxNzgwDo3WjdqUZgD6/tbHFK0ZRjSNmouYGt5QypL/G4ZwcP1DG+EZHoDVCUjbTEe2QKWnbZ5AgoPiOY9sJA3Nd8HlQJkbtDANfamqLjl6EZG11VIAxgR99yiteT2BLoqWVQ4zg+RaVWJXJPw53EGwWTJDmNK7KPKeUsRS3DUGbdMiCKqyDiKvjw3D83orVw01ma4jBHdr2N7hh6gntwic7dsMZBIjvd+MwvswLzHjpvF/UUav7zTrs7f+rfBIFiSB2l0r/RnJEON4P1lRbS/e7CDjLCEopurWNZPhvaQAZ8GaUtZ1UeUMnHAi5Vb+GiCpw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Ny2nNCRzy8adR8i1wAKetSRConMDzMx4EwJg6uoZIlIon6+VxvAGeyHcks5Y+tG/lLgR3Fpavo3GJuS46UDEIET+WUBWlvZtOhhSdZZ0wPs68uWZGDzne6+alwmqKLZOs55EC+AkNyQMDPVMdRvl+bVpVBRmks94Xh4Pt6J/aTklpfYhRynDp9teCNKyq9tZNxnOg96aGpTVznEByHMsZ98LPcBwkUo9YrZUEbvzHve7UKnS3ahM6QMum8oxqiuOiY/Vx+1HE5NmsIxh/XhLGt18In19HpncqafiaNmwe4ff3FqtzNt+UlUA88Y5zUbRWA6zCUWZ5/HjJDv77gUNRA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "C0VyFw6Gq4JBVhJQRBsMyHL4RsJauohIMDU58GWeHQdH9rkoAHW3p/JOzFr7Pgwi9Em2wrLSLz3NLxGXfz7SmV7f85ZlKIXHXl4e9TCr+7nKX5B7Re+miJq6s61I9APZcFgeYsbepE7F2NzkFKsmDAmsTYyRZ455cWrkS+FTJMCAxZfSPw/7xBd+bAKdEf8dV8S1C+qMFG9PGcPkCpjVw5t1PSKOonZgMURQSB3+JjAxOwV0qrtES34b5vFuCDUUWx1WZJdb2MYapYjb3GwsBefdhMpgqRtFn5vP3IhElgGgr29bScPeiVVS9g/8bRUzu8BcrDP54M4R71b3WcDcJg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Connection to server timed out during the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "not_valid_after": "2023-10-11T20:03:54", + "not_valid_before": "2021-10-11T20:03:54", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 }, - "status": "COMPLETED" - }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDdXYOZmuc+rVQjsiS+Eai1etifgxUzAS2XCzfQheQ7xz/lBxK1dfEI6IsDtqsoQk7OyaRSOFNXSMFIM2QOjtaI=", - "size": 256, - "type_name": "ECDH", - "x": "N1dg5ma5z6tVCOyJL4RqLV62J+DFTMBLZcLN9CF5DvE=", - "y": "z/lBxK1dfEI6IsDtqsoQk7OyaRSOFNXSMFIM2QOjtaI=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BFgng3gKJ4tl3SKS5OUMFt1t9QxrA51kxkbNzxR27Q0LhWU4lHDqYxTjlMqFgmE2EuKnnlf4mZeRA8NihfNzqvc=", - "size": 256, - "type_name": "ECDH", - "x": "WCeDeAoni2XdIpLk5QwW3W31DGsDnWTGRs3PFHbtDQs=", - "y": "hWU4lHDqYxTjlMqFgmE2EuKnnlf4mZeRA8NihfNzqvc=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKerN03XuelTe1EN7mKPXLbq1EoJeJ4aUKVynh1re9gpaH1zuXjPRNM9gJikwHKEwK1KMjbDfzebUwYTTWBVv90=", - "size": 256, - "type_name": "ECDH", - "x": "p6s3Tde56VN7UQ3uYo9cturUSgl4nhpQpXKeHWt72Ck=", - "y": "aH1zuXjPRNM9gJikwHKEwK1KMjbDfzebUwYTTWBVv90=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "EV2WsQu/v6vmTz2n5r8lQeycyZwXDTAuO8IiYCp6jm2zEYulLTBD7IpUZUvooEq0s/ktbMrIF+NgH8rG5uSiYzwYQNt8yQtAGk/pQk1idH5/N83FprrsM+LoDpd+SNydG4AGHi2uZMVdBYcVSgVXztGXhJmpKScval9q5ph5oys4FmJvWnpT3Iqtv4VFhRePmIGOmS6GiU6y1C+F/YZYWbGG093z/FsGqOYiRnrb1IVJ504UeINZCIKEIvObNKCeJIFljBGlDMhee8tQ2+E8n455rmPjCr/7DTfpT+0/ypmGkOi0dmO0dD+1w3GbnFlgDx+n7kku2iJmonknFuUquw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "XMcCmgEBJs/E7f3/pnn9XfQbI09hqX2R2X7oXkaoiGAhjWI7O0MP9UMv2pdbh41T78yDKVDsKKNrvHzt/ZdzyBWMipJg2XD25ZWmLmcIejAm1VQJ9Ia/fcZAi1yY+cFGFMJUcVoGeIfw91gBaeWBuOGX0HvPek30qkKXXo8wz+RB1XQzzMhBv4cE5jh/soQGwBU0WFEDOgjq3/5OeZVtTHi5BsFnA0hmlcy7yYWZAbRgutBMubYza2ZcYlvBgEuRM+1DXfYkL7vvgxvEoAnFmQWxRbN4L26NgJb/Jr6As0CJJPQEmewmFyTToneAxOZ5GI9s1O0NlAENBREeiwuNsA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "N+cOf68KoDdtXPhFZTX9T715K4PvhWuH3e4VSZD6dv/79VbE5QxMQbhfDf4fB6Z3l0zDJM034O3yhPFgmosrcX8TX8BceAR00vwo28PNJSpM/smw4pJagWaiqzq7vbF2b6GygSYELiAXla/jEZ+j3d/MUt37pIpbmu6wKbNmpH4kDE7mtb+kgKfYILtvMWiwp75ktQ1yRhEyFlyBrS75jbjDJ9+PNIE95KTjIOqSCQLpp+7PL3VcLkJb9ZA0RjZavg+c+Eju8jcm8HHKl9aIMAW4JgvT+emdLhVW+uKO8DxWqUdvXoEx9dua0Bpw/O6vt5gewZM2vITervv3qyZSNA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "fk/K7gshCQmCNT7+SCkEJqOu5y15/gxVu6JOmElaQlluhJG4axV6Y6oBrWLp6k8oIk1nAzYSbCd6xxyhC+1x+bwgILA3KCpNBYLvQI8EGD29FTQCvtS9qYffZCq9RkqZKlE60n2PpDXmkKdnuepJ27yT3394iOnO4VrnpJA081PH+qUOexKZXxiLiXz/FIzns6Roa0hYosKrGK7hiGSH21jkZwRhGBZLP1IwXFa/8FSvm8Ib6tzCEcRHpcqD9YpqtRbZ7eGtNwvfbO9Pj8DViF8qMDnLqXc0FPzemSnX5+ypyMInvLLR0FMpCXV4KXiWmNg36gg6MU3ZUTJh3B3IbA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" + "serial_number": 14537883550755405488, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJ6IBIjJeftLnR9Df6BrJ/ZW0mONgVkwn5KWxEdO2JC2NL5cDxncFr8fZLOurbWPG0cBlYd8CNZEvAVMmoiLCqE=", - "size": 256, - "type_name": "ECDH", - "x": "nogEiMl5+0udH0N/oGsn9lbSY42BWTCfkpbER07YkLY=", - "y": "NL5cDxncFr8fZLOurbWPG0cBlYd8CNZEvAVMmoiLCqE=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BGG8cR4eLiO5w+QHdQuNbIBZ7V6faEFVzF2sDi3yZ5qsu25FfiyYm7ZnbaQPJpFPVzsQWX1SAqXWhdDPWHFUF8U=", - "size": 256, - "type_name": "ECDH", - "x": "YbxxHh4uI7nD5Ad1C41sgFntXp9oQVXMXawOLfJnmqw=", - "y": "u25FfiyYm7ZnbaQPJpFPVzsQWX1SAqXWhdDPWHFUF8U=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJJb4EJyyaAklJFS9wrApRSU6OsMZYRZgz9xpCXfoFMIk7Q7sPKrG6dDFcgzHJ2J8PUlTqZ+ugYaFNoGV2dtFwM=", - "size": 256, - "type_name": "ECDH", - "x": "klvgQnLJoCSUkVL3CsClFJTo6wxlhFmDP3GkJd+gUwg=", - "y": "k7Q7sPKrG6dDFcgzHJ2J8PUlTqZ+ugYaFNoGV2dtFwM=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BH2IF6UXeeKOEbRwNge+JHSTNom2SMkuR821XOhKrSSFRlYfPGLUrLS9LV+7Pw04ilJyefCqbcfEutNyvfebOg4=", - "size": 256, - "type_name": "ECDH", - "x": "fYgXpRd54o4RtHA2B74kdJM2ibZIyS5HzbVc6EqtJIU=", - "y": "RlYfPGLUrLS9LV+7Pw04ilJyefCqbcfEutNyvfebOg4=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDtnXtPwP6T6GsTGGmLlw2C05NBDUisk30NZImy/P1tBZs0BnP5O/HDdw4Vi2qfaQBm2daSjZhW+VpQegiCbHMU=", - "size": 256, - "type_name": "ECDH", - "x": "O2de0/A/pPoaxMYaYuXDYLTk0ENSKyTfQ1kibL8/W0E=", - "y": "Zs0BnP5O/HDdw4Vi2qfaQBm2daSjZhW+VpQegiCbHMU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLeI0awTXV6x0fIKamxBVFkOBG/e0ROC/D+Ii6I0poIwT2eormdJGkwlziU5TQSOAY8L6xvEKPIrc48SbRfmwFY=", - "size": 256, - "type_name": "ECDH", - "x": "t4jRrBNdXrHR8gpqbEFUWQ4Eb97RE4L8P4iLojSmgjA=", - "y": "T2eormdJGkwlziU5TQSOAY8L6xvEKPIrc48SbRfmwFY=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BNBGA9Jebdb9YWTwNJ2/qftdJqz5EboPRbkH9a60Na1qy65IMWKvtsnUW99815hzaAJbhsHWAc1Z1daKA8N9VIQ=", - "size": 256, - "type_name": "ECDH", - "x": "0EYD0l5t1v1hZPA0nb+p+10mrPkRug9FuQf1rrQ1rWo=", - "y": "y65IMWKvtsnUW99815hzaAJbhsHWAc1Z1daKA8N9VIQ=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Xi5EWMosU8Y7vyOXPKftTV81N8aistatr53VKdH5sbA+pj4/jK+/HVFy75sutkOUnfbjTxUUgizCE7Sr2um0jlbvtqfyYk12SRn5nfcnCAcyYOZY0v1choDItbt4AmfAmWt4egDziZHB1jY3KsprmJ4Xw2r+dx52qIzd60S8u8ejCJvkYDG1s8Hb9wtDtaoan4a7ESPiafkMxBMYie+KpySpkosIctKCj8mf2/6Gry07w3jkLkJIlHCnnHbrFwo+DGVUqaE5QJZ+c7enqUkoT7p4HZrGY+wtB8Jmr9WkThN9S7KzhAngi8HrMQ/Q7LU2MPjW8IMan6GNGOGD+FgiVg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "eAM7huIdaQucAmG6AP1O/rUrkFC+R/Nhgrdogimycl7c3ax8M2zt9t4BnIv0pHwyNwy10pd2iyyOjMq9JrM/gqgIDwrJH0KO1/YlTbhAw5BzErsLhKRL+Iwcemkwmu7ROs3xfQTzfb0/4bdH6sgsWdID/wdQlKJ9AwLe3kOnRvX7B2yEiVr0DViyGoedeURrlBWABnqBHjJh65YsALW/v2BRHGDS/3GYB8JerUT5zgKIJUi7CX6xuHnsPkhr0ZVP15EnixTZJndeG59XDwi3voQ1LPtAeiYxm/dUKeZUcO6CIMjygO9XWfA8uX+EFAVlREnIDNN1LJSa9T/qxNl8dg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "R30B+6pfyBax5WK1U1viUg+gSyfs4qtHmysXokpGPuUVW0YWHibOu4wJtGIBDHZTCOV/9UZZz9GMWXYhiRw7R63rMX+R3cp0PDzmEze8ll/BbN4gg2QUpKEenPcpf7RPdWsvVOGugZTmZCh0VjXAHLEAMYnIjmKJUml79q0gghTNjXo1GRw9G9mdQTMf+XSiWPoQP6NLnHNedpkeCW8ym1VjaoSNu+CqiIAsIGNMTsleRGMHMDVnkLq1qqVZlf8hY4TUt/qGXR7Axog/S+KdAmiZLsFhbthp1lz8Zn7JEfI8FWrcYQDdkyMQqY6b65s7MrRf5OEyGAK25USje5Mv/Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "bjm4RoGZqDi0GKmpxQjP14XoyzRj2q0A2I9mfFmEjCc9Fl4oQrHN6lQuVWSgYXySyowV3GNGTR/jtl38Kzun7oJewSFSm1SbPypxuZvaUwJRE2ud7SIjY7SXQij7yvAdc1F9UvEVSkKSo89TsHd0eO+EBbr/l3hMUbZOvx0QWdmxhPfVRIVboEB2q56VFSCVPFdZwFCWHicDE3tpxY89plbCkwlkMnRRaFKkYvSyAFzwUzs/lCzbm8BO0dpJ3vI3uxMe0GzbjWbYB+wnjqsjck3gR1cyI9KfXKmCYo8RpPwodb1lbAVI85bMvhXE8DsSNvG5RxUKgPWcln0u8FaRMg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "F0puTQuaqJjsBnwneauzgCf2UA2svCqQYlhseV8wTZlqj9jJTQXsihylQs4NqceB9PREQa8ouRAlGUjDNv3K/EhMjjN0l2zK0x95X8qQOq8WJmJgSm+3tYyEmMyGHDPE7w2m62+OaCvKifDpPwO1ZQ8ACU7ih1HJZC6vVYL0q3SpIavRJ1HoncIAk6+4RhMM+qDTw5IeNeSo10L1+b0dkrVdxZyyienN4bUhk7c7b2Avo4x8xVZPTU3OpggIE8MyDDpfJEysBHeZ7BmF7kFJ9Km77EtFPaTRe/U+98uxSq0zIJrOiYQjAKdxL0esBR9xiifztDxwD1xc9SQ98aJpqg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "ns7TjNYpqreZNvIhpgXbUcmt3YVFIMKEVuSMMvI6qnUom2uT+djERTRbV/eED8diE8IGN/Ab76CtQigvQBnWdc6midAMRYt4RjWPtJ3OQXaQEsd/QGShWt1E0Tf6RqaiV/pHnz8uH9M+9ZU/ZPPjI5RxFL93+/HDcXQFaBhyn4LL+F35pNPtbmsgWqE5TDrbJ810d5Sdjnye+HKs3RI4JpzsuaW8fjOKCf3SDUQUQ9bP4PahmxtgJ2CesR36s66jIe0nfB2FCVfoMbn5yR0OxKNuKw4klLShBlTceKnAtUgI91A9gZHwNoITTxj9Uq1vVQ7BjrtglKlUpcVFxgoWqw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "mTjij6Dlh1U9E6yEta410hmxsU0jOJiIzr1PL2cXqFonTv4X4V1u3aRMoxpaYlovm0e+bO/rQnjvt+HFi50y+BL6h39yq1p11pN0phtBTtTLGryp6UHcYYqv5ivdmR08YbUTqzS9Plq9b53TSerWRVw+Sfsxcb5YN35nbbeGR+r9qD0YVe19CNWj2nOYnALAfFQaUNyjwg0z7m5BZqIebVrICAgJPaWHnTFP+g/jsfwjjNaNhoQghIs8olvnl7K1lJOmn5RUi7bMbXZULZSElaEU9LtE24xLsKBRbfPJnpIUZcz6lKtzKgrMehnc26ZG5YT79vaAJi4sxmZLaSqjgg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "c2jtsIo2Ec7vkNvuHTXCL3GjPh5S9vahMDtBkvD2yOc5ZbCdt6UyfplimKTyYxKxXt+dSbo/9FW7zG0P/QBN7N5jL0jCgoCQSkqtOi9vAnBP2jdJuf6fafG+uluVSGVX4+t7Sn9tTObdYoC5VDOhNTrAzWXMJSCGNU5AQxcLAmpPZ5Of045g7R4ih5bc6nQiPW2MDeK+ZFdGP+sRlpl6CJLGG/VbmhKOUyf1SztdW/hOjthpmTyLJIr90Km34y6eQT3u/ZPnncbstelk3S+r8clj7EFQGGrl1MaeI5htiZMxVR3HLGSpxHDadWU8wUjdhbl6P280quSymTHBasu65g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false - }, - "status": "COMPLETED" + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + } + ], + "received_chain_contains_anchor_certificate": null, + "received_chain_has_valid_order": true, + "verified_certificate_chain": null, + "verified_chain_has_legacy_symantec_anchor": null, + "verified_chain_has_sha1_signature": null + } + ], + "hostname_used_for_server_name_indication": "self-signed.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCjyxA9FZUqdfiTOwOAf80F8TJoONTBnjBAYA4Qu/goh+ihCPlXMzJVdQUOrFJVecw812mOzjzlR/uueELYPDL0=", + "size": 256, + "type_name": "ECDH", + "x": "KPLED0VlSp1+JM7A4B/zQXxMmg41MGeMEBgDhC7+CiE=", + "y": "+ihCPlXMzJVdQUOrFJVecw812mOzjzlR/uueELYPDL0=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BIp7gDU5InADOXEDhbD69isO9YDvlfv7Zw1dNxN6Ba9UHg2f300giTCDpTqGjAqwKsAw9EbFX7eI9lrZbK9aBPQ=", + "size": 256, + "type_name": "ECDH", + "x": "inuANTkicAM5cQOFsPr2Kw71gO+V+/tnDV03E3oFr1Q=", + "y": "Hg2f300giTCDpTqGjAqwKsAw9EbFX7eI9lrZbK9aBPQ=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCp1ft6xHZzDkPIw2VJQxAUWHB2lMigqQb1UbTOo5dRI13wqnq0UHM6PmRp+KO1yR4+doZGH0ha3wouxXi+XVqQ=", + "size": 256, + "type_name": "ECDH", + "x": "KnV+3rEdnMOQ8jDZUlDEBRYcHaUyKCpBvVRtM6jl1Eg=", + "y": "13wqnq0UHM6PmRp+KO1yR4+doZGH0ha3wouxXi+XVqQ=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "bWY/K6iPxxUc+2U3e0bSRZCMvRVIEhKa3ELQjiZ93LZqvlHxmjdQOHVhZVuAPT9z4gPYRkjSaJ894PzHdUUxCwz8Pg38Vc47k9o/iQYh2KzixtA19ueThMqJV3udDdvipkNbNVxPn+SJfvYISXWYUvdxx47+4nbVTxSQAQXndlnZ9w2SG1kS/N36jaXfgmPqQApTmNwB/QgFjAtu+LSYWyNBo9d/DZBMAKm7XDjeuM1QXaOzaEj8VrxMBJw0U7+WFg26sdKLpwvV2YyP5mx2o1Q4+/ZAJJZpdzv3Uj2W44xWCTEtGxFUhui3Ko0yt6PAYmXfedVfjCOOp+YE/5a72Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "INz7PPZrUbu3UN9X2cIXxNzgwDo3WjdqUZgD6/tbHFK0ZRjSNmouYGt5QypL/G4ZwcP1DG+EZHoDVCUjbTEe2QKWnbZ5AgoPiOY9sJA3Nd8HlQJkbtDANfamqLjl6EZG11VIAxgR99yiteT2BLoqWVQ4zg+RaVWJXJPw53EGwWTJDmNK7KPKeUsRS3DUGbdMiCKqyDiKvjw3D83orVw01ma4jBHdr2N7hh6gntwic7dsMZBIjvd+MwvswLzHjpvF/UUav7zTrs7f+rfBIFiSB2l0r/RnJEON4P1lRbS/e7CDjLCEopurWNZPhvaQAZ8GaUtZ1UeUMnHAi5Vb+GiCpw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Ny2nNCRzy8adR8i1wAKetSRConMDzMx4EwJg6uoZIlIon6+VxvAGeyHcks5Y+tG/lLgR3Fpavo3GJuS46UDEIET+WUBWlvZtOhhSdZZ0wPs68uWZGDzne6+alwmqKLZOs55EC+AkNyQMDPVMdRvl+bVpVBRmks94Xh4Pt6J/aTklpfYhRynDp9teCNKyq9tZNxnOg96aGpTVznEByHMsZ98LPcBwkUo9YrZUEbvzHve7UKnS3ahM6QMum8oxqiuOiY/Vx+1HE5NmsIxh/XhLGt18In19HpncqafiaNmwe4ff3FqtzNt+UlUA88Y5zUbRWA6zCUWZ5/HjJDv77gUNRA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "C0VyFw6Gq4JBVhJQRBsMyHL4RsJauohIMDU58GWeHQdH9rkoAHW3p/JOzFr7Pgwi9Em2wrLSLz3NLxGXfz7SmV7f85ZlKIXHXl4e9TCr+7nKX5B7Re+miJq6s61I9APZcFgeYsbepE7F2NzkFKsmDAmsTYyRZ455cWrkS+FTJMCAxZfSPw/7xBd+bAKdEf8dV8S1C+qMFG9PGcPkCpjVw5t1PSKOonZgMURQSB3+JjAxOwV0qrtES34b5vFuCDUUWx1WZJdb2MYapYjb3GwsBefdhMpgqRtFn5vP3IhElgGgr29bScPeiVVS9g/8bRUzu8BcrDP54M4R71b3WcDcJg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Connection to server timed out during the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDdXYOZmuc+rVQjsiS+Eai1etifgxUzAS2XCzfQheQ7xz/lBxK1dfEI6IsDtqsoQk7OyaRSOFNXSMFIM2QOjtaI=", + "size": 256, + "type_name": "ECDH", + "x": "N1dg5ma5z6tVCOyJL4RqLV62J+DFTMBLZcLN9CF5DvE=", + "y": "z/lBxK1dfEI6IsDtqsoQk7OyaRSOFNXSMFIM2QOjtaI=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BFgng3gKJ4tl3SKS5OUMFt1t9QxrA51kxkbNzxR27Q0LhWU4lHDqYxTjlMqFgmE2EuKnnlf4mZeRA8NihfNzqvc=", + "size": 256, + "type_name": "ECDH", + "x": "WCeDeAoni2XdIpLk5QwW3W31DGsDnWTGRs3PFHbtDQs=", + "y": "hWU4lHDqYxTjlMqFgmE2EuKnnlf4mZeRA8NihfNzqvc=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKerN03XuelTe1EN7mKPXLbq1EoJeJ4aUKVynh1re9gpaH1zuXjPRNM9gJikwHKEwK1KMjbDfzebUwYTTWBVv90=", + "size": 256, + "type_name": "ECDH", + "x": "p6s3Tde56VN7UQ3uYo9cturUSgl4nhpQpXKeHWt72Ck=", + "y": "aH1zuXjPRNM9gJikwHKEwK1KMjbDfzebUwYTTWBVv90=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "EV2WsQu/v6vmTz2n5r8lQeycyZwXDTAuO8IiYCp6jm2zEYulLTBD7IpUZUvooEq0s/ktbMrIF+NgH8rG5uSiYzwYQNt8yQtAGk/pQk1idH5/N83FprrsM+LoDpd+SNydG4AGHi2uZMVdBYcVSgVXztGXhJmpKScval9q5ph5oys4FmJvWnpT3Iqtv4VFhRePmIGOmS6GiU6y1C+F/YZYWbGG093z/FsGqOYiRnrb1IVJ504UeINZCIKEIvObNKCeJIFljBGlDMhee8tQ2+E8n455rmPjCr/7DTfpT+0/ypmGkOi0dmO0dD+1w3GbnFlgDx+n7kku2iJmonknFuUquw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "XMcCmgEBJs/E7f3/pnn9XfQbI09hqX2R2X7oXkaoiGAhjWI7O0MP9UMv2pdbh41T78yDKVDsKKNrvHzt/ZdzyBWMipJg2XD25ZWmLmcIejAm1VQJ9Ia/fcZAi1yY+cFGFMJUcVoGeIfw91gBaeWBuOGX0HvPek30qkKXXo8wz+RB1XQzzMhBv4cE5jh/soQGwBU0WFEDOgjq3/5OeZVtTHi5BsFnA0hmlcy7yYWZAbRgutBMubYza2ZcYlvBgEuRM+1DXfYkL7vvgxvEoAnFmQWxRbN4L26NgJb/Jr6As0CJJPQEmewmFyTToneAxOZ5GI9s1O0NlAENBREeiwuNsA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "N+cOf68KoDdtXPhFZTX9T715K4PvhWuH3e4VSZD6dv/79VbE5QxMQbhfDf4fB6Z3l0zDJM034O3yhPFgmosrcX8TX8BceAR00vwo28PNJSpM/smw4pJagWaiqzq7vbF2b6GygSYELiAXla/jEZ+j3d/MUt37pIpbmu6wKbNmpH4kDE7mtb+kgKfYILtvMWiwp75ktQ1yRhEyFlyBrS75jbjDJ9+PNIE95KTjIOqSCQLpp+7PL3VcLkJb9ZA0RjZavg+c+Eju8jcm8HHKl9aIMAW4JgvT+emdLhVW+uKO8DxWqUdvXoEx9dua0Bpw/O6vt5gewZM2vITervv3qyZSNA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "fk/K7gshCQmCNT7+SCkEJqOu5y15/gxVu6JOmElaQlluhJG4axV6Y6oBrWLp6k8oIk1nAzYSbCd6xxyhC+1x+bwgILA3KCpNBYLvQI8EGD29FTQCvtS9qYffZCq9RkqZKlE60n2PpDXmkKdnuepJ27yT3394iOnO4VrnpJA081PH+qUOexKZXxiLiXz/FIzns6Roa0hYosKrGK7hiGSH21jkZwRhGBZLP1IwXFa/8FSvm8Ib6tzCEcRHpcqD9YpqtRbZ7eGtNwvfbO9Pj8DViF8qMDnLqXc0FPzemSnX5+ypyMInvLLR0FMpCXV4KXiWmNg36gg6MU3ZUTJh3B3IbA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJ6IBIjJeftLnR9Df6BrJ/ZW0mONgVkwn5KWxEdO2JC2NL5cDxncFr8fZLOurbWPG0cBlYd8CNZEvAVMmoiLCqE=", + "size": 256, + "type_name": "ECDH", + "x": "nogEiMl5+0udH0N/oGsn9lbSY42BWTCfkpbER07YkLY=", + "y": "NL5cDxncFr8fZLOurbWPG0cBlYd8CNZEvAVMmoiLCqE=" } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "self-signed.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "038dfa44-d30d-413b-9a1b-c78a4d666581" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BGG8cR4eLiO5w+QHdQuNbIBZ7V6faEFVzF2sDi3yZ5qsu25FfiyYm7ZnbaQPJpFPVzsQWX1SAqXWhdDPWHFUF8U=", + "size": 256, + "type_name": "ECDH", + "x": "YbxxHh4uI7nD5Ad1C41sgFntXp9oQVXMXawOLfJnmqw=", + "y": "u25FfiyYm7ZnbaQPJpFPVzsQWX1SAqXWhdDPWHFUF8U=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJJb4EJyyaAklJFS9wrApRSU6OsMZYRZgz9xpCXfoFMIk7Q7sPKrG6dDFcgzHJ2J8PUlTqZ+ugYaFNoGV2dtFwM=", + "size": 256, + "type_name": "ECDH", + "x": "klvgQnLJoCSUkVL3CsClFJTo6wxlhFmDP3GkJd+gUwg=", + "y": "k7Q7sPKrG6dDFcgzHJ2J8PUlTqZ+ugYaFNoGV2dtFwM=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BH2IF6UXeeKOEbRwNge+JHSTNom2SMkuR821XOhKrSSFRlYfPGLUrLS9LV+7Pw04ilJyefCqbcfEutNyvfebOg4=", + "size": 256, + "type_name": "ECDH", + "x": "fYgXpRd54o4RtHA2B74kdJM2ibZIyS5HzbVc6EqtJIU=", + "y": "RlYfPGLUrLS9LV+7Pw04ilJyefCqbcfEutNyvfebOg4=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDtnXtPwP6T6GsTGGmLlw2C05NBDUisk30NZImy/P1tBZs0BnP5O/HDdw4Vi2qfaQBm2daSjZhW+VpQegiCbHMU=", + "size": 256, + "type_name": "ECDH", + "x": "O2de0/A/pPoaxMYaYuXDYLTk0ENSKyTfQ1kibL8/W0E=", + "y": "Zs0BnP5O/HDdw4Vi2qfaQBm2daSjZhW+VpQegiCbHMU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLeI0awTXV6x0fIKamxBVFkOBG/e0ROC/D+Ii6I0poIwT2eormdJGkwlziU5TQSOAY8L6xvEKPIrc48SbRfmwFY=", + "size": 256, + "type_name": "ECDH", + "x": "t4jRrBNdXrHR8gpqbEFUWQ4Eb97RE4L8P4iLojSmgjA=", + "y": "T2eormdJGkwlziU5TQSOAY8L6xvEKPIrc48SbRfmwFY=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BNBGA9Jebdb9YWTwNJ2/qftdJqz5EboPRbkH9a60Na1qy65IMWKvtsnUW99815hzaAJbhsHWAc1Z1daKA8N9VIQ=", + "size": 256, + "type_name": "ECDH", + "x": "0EYD0l5t1v1hZPA0nb+p+10mrPkRug9FuQf1rrQ1rWo=", + "y": "y65IMWKvtsnUW99815hzaAJbhsHWAc1Z1daKA8N9VIQ=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Xi5EWMosU8Y7vyOXPKftTV81N8aistatr53VKdH5sbA+pj4/jK+/HVFy75sutkOUnfbjTxUUgizCE7Sr2um0jlbvtqfyYk12SRn5nfcnCAcyYOZY0v1choDItbt4AmfAmWt4egDziZHB1jY3KsprmJ4Xw2r+dx52qIzd60S8u8ejCJvkYDG1s8Hb9wtDtaoan4a7ESPiafkMxBMYie+KpySpkosIctKCj8mf2/6Gry07w3jkLkJIlHCnnHbrFwo+DGVUqaE5QJZ+c7enqUkoT7p4HZrGY+wtB8Jmr9WkThN9S7KzhAngi8HrMQ/Q7LU2MPjW8IMan6GNGOGD+FgiVg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "eAM7huIdaQucAmG6AP1O/rUrkFC+R/Nhgrdogimycl7c3ax8M2zt9t4BnIv0pHwyNwy10pd2iyyOjMq9JrM/gqgIDwrJH0KO1/YlTbhAw5BzErsLhKRL+Iwcemkwmu7ROs3xfQTzfb0/4bdH6sgsWdID/wdQlKJ9AwLe3kOnRvX7B2yEiVr0DViyGoedeURrlBWABnqBHjJh65YsALW/v2BRHGDS/3GYB8JerUT5zgKIJUi7CX6xuHnsPkhr0ZVP15EnixTZJndeG59XDwi3voQ1LPtAeiYxm/dUKeZUcO6CIMjygO9XWfA8uX+EFAVlREnIDNN1LJSa9T/qxNl8dg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "R30B+6pfyBax5WK1U1viUg+gSyfs4qtHmysXokpGPuUVW0YWHibOu4wJtGIBDHZTCOV/9UZZz9GMWXYhiRw7R63rMX+R3cp0PDzmEze8ll/BbN4gg2QUpKEenPcpf7RPdWsvVOGugZTmZCh0VjXAHLEAMYnIjmKJUml79q0gghTNjXo1GRw9G9mdQTMf+XSiWPoQP6NLnHNedpkeCW8ym1VjaoSNu+CqiIAsIGNMTsleRGMHMDVnkLq1qqVZlf8hY4TUt/qGXR7Axog/S+KdAmiZLsFhbthp1lz8Zn7JEfI8FWrcYQDdkyMQqY6b65s7MrRf5OEyGAK25USje5Mv/Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "bjm4RoGZqDi0GKmpxQjP14XoyzRj2q0A2I9mfFmEjCc9Fl4oQrHN6lQuVWSgYXySyowV3GNGTR/jtl38Kzun7oJewSFSm1SbPypxuZvaUwJRE2ud7SIjY7SXQij7yvAdc1F9UvEVSkKSo89TsHd0eO+EBbr/l3hMUbZOvx0QWdmxhPfVRIVboEB2q56VFSCVPFdZwFCWHicDE3tpxY89plbCkwlkMnRRaFKkYvSyAFzwUzs/lCzbm8BO0dpJ3vI3uxMe0GzbjWbYB+wnjqsjck3gR1cyI9KfXKmCYo8RpPwodb1lbAVI85bMvhXE8DsSNvG5RxUKgPWcln0u8FaRMg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "F0puTQuaqJjsBnwneauzgCf2UA2svCqQYlhseV8wTZlqj9jJTQXsihylQs4NqceB9PREQa8ouRAlGUjDNv3K/EhMjjN0l2zK0x95X8qQOq8WJmJgSm+3tYyEmMyGHDPE7w2m62+OaCvKifDpPwO1ZQ8ACU7ih1HJZC6vVYL0q3SpIavRJ1HoncIAk6+4RhMM+qDTw5IeNeSo10L1+b0dkrVdxZyyienN4bUhk7c7b2Avo4x8xVZPTU3OpggIE8MyDDpfJEysBHeZ7BmF7kFJ9Km77EtFPaTRe/U+98uxSq0zIJrOiYQjAKdxL0esBR9xiifztDxwD1xc9SQ98aJpqg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "ns7TjNYpqreZNvIhpgXbUcmt3YVFIMKEVuSMMvI6qnUom2uT+djERTRbV/eED8diE8IGN/Ab76CtQigvQBnWdc6midAMRYt4RjWPtJ3OQXaQEsd/QGShWt1E0Tf6RqaiV/pHnz8uH9M+9ZU/ZPPjI5RxFL93+/HDcXQFaBhyn4LL+F35pNPtbmsgWqE5TDrbJ810d5Sdjnye+HKs3RI4JpzsuaW8fjOKCf3SDUQUQ9bP4PahmxtgJ2CesR36s66jIe0nfB2FCVfoMbn5yR0OxKNuKw4klLShBlTceKnAtUgI91A9gZHwNoITTxj9Uq1vVQ7BjrtglKlUpcVFxgoWqw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "mTjij6Dlh1U9E6yEta410hmxsU0jOJiIzr1PL2cXqFonTv4X4V1u3aRMoxpaYlovm0e+bO/rQnjvt+HFi50y+BL6h39yq1p11pN0phtBTtTLGryp6UHcYYqv5ivdmR08YbUTqzS9Plq9b53TSerWRVw+Sfsxcb5YN35nbbeGR+r9qD0YVe19CNWj2nOYnALAfFQaUNyjwg0z7m5BZqIebVrICAgJPaWHnTFP+g/jsfwjjNaNhoQghIs8olvnl7K1lJOmn5RUi7bMbXZULZSElaEU9LtE24xLsKBRbfPJnpIUZcz6lKtzKgrMehnc26ZG5YT79vaAJi4sxmZLaSqjgg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "c2jtsIo2Ec7vkNvuHTXCL3GjPh5S9vahMDtBkvD2yOc5ZbCdt6UyfplimKTyYxKxXt+dSbo/9FW7zG0P/QBN7N5jL0jCgoCQSkqtOi9vAnBP2jdJuf6fafG+uluVSGVX4+t7Sn9tTObdYoC5VDOhNTrAzWXMJSCGNU5AQxcLAmpPZ5Of045g7R4ih5bc6nQiPW2MDeK+ZFdGP+sRlpl6CJLGG/VbmhKOUyf1SztdW/hOjthpmTyLJIr90Km34y6eQT3u/ZPnncbstelk3S+r8clj7EFQGGrl1MaeI5htiZMxVR3HLGSpxHDadWU8wUjdhbl6P280quSymTHBasu65g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "self-signed.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "038dfa44-d30d-413b-9a1b-c78a4d666581" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json b/scanners/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json index e1c6d1eaae..450cdad98e 100644 --- a/scanners/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json +++ b/scanners/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json @@ -1,6524 +1,6503 @@ { - "date_scans_completed": "2021-12-22T13:00:24.567663", - "date_scans_started": "2021-12-22T12:59:34.769273", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "tls-v1-0.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 3, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false + "date_scans_completed": "2021-12-22T13:00:24.567663", + "date_scans_started": "2021-12-22T12:59:34.769273", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "tls-v1-0.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 3, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "hostname_used_for_server_name_indication": "tls-v1-0.badssl.com" + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "supports_ecdh_key_exchange": true + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "Connection to server timed out during the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDlEGogmc0/J/bmje2uxPXw3wBZADOxa3gsEGMY+7hPsGg41HYtSx6NgbBBGupDH8L0lGZP5WTmf4+Apt6PqcpQ=", - "size": 256, - "type_name": "ECDH", - "x": "OUQaiCZzT8n9uaN7a7E9fDfAFkAM7FreCwQYxj7uE+w=", - "y": "Gg41HYtSx6NgbBBGupDH8L0lGZP5WTmf4+Apt6PqcpQ=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKerjmxZgSQ0MmquhjRxz67raf6wX1+DJUj+IUmhQqxBAI+dS0St02uVc5xTYhjBL0QTFOSbFaMSHaK7SGgP5ek=", - "size": 256, - "type_name": "ECDH", - "x": "p6uObFmBJDQyaq6GNHHPrutp/rBfX4MlSP4hSaFCrEE=", - "y": "j51LRK3Ta5VznFNiGMEvRBMU5JsVoxIdortIaA/l6Q==" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BIfTTPGViBj/CRMwYmn3go1GJSyymAyedFboq4/IMQ/p8LN4iwbXCJidAiDRuyBcNmUvhevd9DmmZkTtP1zeJmc=", - "size": 256, - "type_name": "ECDH", - "x": "h9NM8ZWIGP8JEzBiafeCjUYlLLKYDJ50Vuirj8gxD+k=", - "y": "8LN4iwbXCJidAiDRuyBcNmUvhevd9DmmZkTtP1zeJmc=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "bP1/Q1WMazA241BIbG6FxW6bocLADQIRLe6hZ878ikMbnYSc6Zu80ftSrdWYWv6hDcqg0LJ+IpOosNJp2rbg9ghWH3KKzfjli6x2M3+JRM2W+0FF6ZHm8b5iqRhm+ZrpRz8aKr8kMyP6wwA2qgNbTrGSBl7EipaMHWS+x3KE1eRD/k0pX+kmNGxo9L7v4sRWNxAF6cX3yWD7xFmako+PzjVfCoiLeyAvZwXqYNqJTs5o/FD+7NdQk0t3vI7r9bCHpqrbJ1dNTGma4+8LCCrdj5RIIhkIgvGkEpClt1d7xq/AIJxI2sbzGLCk0ui8hx0R8dIWJ8D4soGW/o/bYLNzjQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "OM4fOd3faTQZmpvReoPk9N46v425WI99cr0tvXw/PBFAsLj2RDoOW3PuMX4yAyidJKQeQzpAb+Gjyal5meoL6DzD0DyiXlSnwddVzlFSfWrhEolPUCXhcs7tJ/LaclqTZ+zrxv1SLsWDhdSPY0MC+sMXAQfHcIwXbaPA0h8IjAwmJFMe8rVhrz/LeZRm7ANgJ7XTsMw1Qkxlka+ZGxYZnIf+VPtR4Lyc9TG+XsKZILUJhE//bHYkGejtPd85QnCkSPmE6k8waM+WUDdFk/FcfDK5oqg+I/mfhoTiJOpXzKWfM87JLhURYu6dQioDjbNmCrRvxVaajH1ejLxMmu2+qg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "SnGWM3drfk1YkyCQK+4Y/MURI4EzATT4MbrGOt5ZscH64etTw18px0Qy5hFSW8uE/zLNymnA3dr9tYkzK0tDTLUia47RyPn3Kk66l4OBX9hUDRFTz74PzHrNcQvXr5QwOaxZXJtAsMixUfDXyRMwiDn01hRE8QANfLknmtUNQQCYMyESR0v2wpUfABb+66/Nd7LQty8Gz4mvzd/GuPk3SBid04BO6BLAttdz4tB7b26jUBskUoD1yVTRTUcbJVdPqeET15kSwnoLI6RfYWqhycrPmkCik2XuRR4s0BkcvwTjdiCQca7SPbYgDNLaWeqtByk5+dWId0FeMLy7Wgf9Kw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "IZ6liiR8kWPIs9AFlwfGVJp7UZloIFkkeekupAPeZqwpbmQ5Q6SJbp/SUsxbXB+VsF/1FCu9uYMES/jPXyVsnYEl5lgaOLbsWVCDefjb1m/rQrWjszyWT2shKWWDhjim38aCxHsvrOWX8QKB85NVXVERGRY5D23EdowBuJDsgX2nb63FsZ5mG/DSup4dfv+raeXOycLwQyyilIOGDTtgCJ/KCflkeVt2PRp6VgKZ2WT0jaT1upk5nkGrhiznYaZaKiZNNLWJ2kaJQWWABdolMRwmPE4j5sQiwf5eExm18uULFQqrux4XXyFis2bPalzo7XgJkAQLzM5DW/4iuL9bPA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + } + ], + "hostname_used_for_server_name_indication": "tls-v1-0.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BK7hl7EcfLYxU10qC4ZqwnzXKdWhiKAgUAndoEK+bYF53nmfqGtEmgQBvNDs+y0MeP3NPZx0OUl1/D2C5rSq5/w=", - "size": 256, - "type_name": "ECDH", - "x": "ruGXsRx8tjFTXSoLhmrCfNcp1aGIoCBQCd2gQr5tgXk=", - "y": "3nmfqGtEmgQBvNDs+y0MeP3NPZx0OUl1/D2C5rSq5/w=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDpeDvsDAkdq6bf47Nd9f9ExvI5hNmrtKRcWCzZx+2K+Mrtg6iYgCyIOcC9i8YSBUkFuICHTYBAmhbiZQ3r+rMk=", - "size": 256, - "type_name": "ECDH", - "x": "Ol4O+wMCR2rpt/js131/0TG8jmE2au0pFxYLNnH7Yr4=", - "y": "Mrtg6iYgCyIOcC9i8YSBUkFuICHTYBAmhbiZQ3r+rMk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJWGi+d+IKImqrDjdpqFbOMX3wl0fmvTmG0EGkwTciuXmtNnty0VeIfQ3bBhHXR13zc2X9EmwABxRAosT4jPu4o=", - "size": 256, - "type_name": "ECDH", - "x": "lYaL534goiaqsON2moVs4xffCXR+a9OYbQQaTBNyK5c=", - "y": "mtNnty0VeIfQ3bBhHXR13zc2X9EmwABxRAosT4jPu4o=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "HMyhVP+8Qhox681553fpRRHECnGGsf+C9xATQJ2bZATlGCHzcvMHTq9dqC8MrgDPmJQcnhK6YmJY4ZM0lruXV1fDtGZlfROXX/HHQIJLQJ+FBA2UiMLpa+30StaS8FX4m+WXEJTpDIoG5TSz60y92vm28uxpxT23WcXPW+YA5U3UTK7YX9eSL1ooq6mnEtKRmHrfkW0tqaTtQ389JIM7LneD3H54+Iksh0r7FOF++U4bLllUomDc2F7eMDLl5OPRmmE39DglNhCZO8XvYGGSjpvYQAdPzV1bstS/K2r/sdNVTPAYyxHcu0R9rlU52ZP/OgipXIf7dxjJRXV1sjSsxw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "lXIX3bX3bPc06GLf8RQL6zbadB2jAslqLl9nhHTn3a1kiuJRdICFfyGZs3D8D6IBUykKTcqgTV0XT2pI8dpQpLxU4w/gjs8flCPlNSCGpEd60YzUkzTJX6GfItbtX2XIDjJd83hYQB2fTMuQ6gwweNOTcnJ/UeWleqhClG2C43euj0e4VdRVX73je9UAMR+HMBkGYSV+NpqgicairKztj8AxUS6Cv5z1/LczSbVR6juiGZ7x9eOC0eZKxHrmTnao+wXUG4eQNbzYbMwxLYnhCeqTM8wJYnxuqE02GI7LL/cr16eIY2PX1KL+zD/e20YcofiNLnAxOx5VidqahDBUyQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "tgA+CaN1SFFiyzxmWv0vIEBbauroboJYdBdgG9hPMzYXD05l1ZUcvBqkaCSU7Nyk3FnYjigIa9OVxS3zDTEwvvdgSTC5+4TCxkgRZdtB+LYMGlFm+yeDfjOIqaDs589Kyo57K95V1FHE6si2QJ9f7C97JA+q+5QELUvgo/rvU+48+FW6/KLUTMhYLbghFilRHnMPbd4PNJBoxR9Cwdafr54mUOkj2jVULbCP4Kro+2WcsrgOnJWMr3/fj4jB3qngpKAhW6YzVio4zFmZf2hLtX2IZ1UaIhZixjXi4c7ewvP7wc83ZO+rvhrLH2PLUlAdtdpEHAfX3lQpkZewU3Y16Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "P6gaQ0TaSJ0YLJ51ltqZlQl3x6NnJfvuU5ymzrEqBPcDmNfZC9VKqoJRtJmWsiLJ1S8z99UB+yqclBJRsbQJbD+H0kJA8/xXtYEUypQAyEOzM3MJgcDUQ/L7SqHYD+a5eYpy9zoRfHWtFRH0uBZU8evUOoqIjV4R0FxaxcYltcSVbjknC5mMCf3Qjb5Fg1iGEXnwCikYSmAt+6X16LMbGGuzaZMuUyqU4Ee9K6NCTIj4k3ZpgeSKs72/7TOy0q8C87xlpOhAYCHRb6LAOw8xJlJvIviIbfiu6iAZFrdyX6VN/2laqmzcSqPfst9mktsMaRUak1AzXq1E5wrDhl2aeQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMBUPXD2SzGChhwJ/gRaEx5hiI7uZPGbxVa0BI+ciE2/jyy3G+yQamQJHEIBW7mQvqWjMgCVkOuYMCYIeUW89uw=", - "size": 256, - "type_name": "ECDH", - "x": "wFQ9cPZLMYKGHAn+BFoTHmGIju5k8ZvFVrQEj5yITb8=", - "y": "jyy3G+yQamQJHEIBW7mQvqWjMgCVkOuYMCYIeUW89uw=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BA8NmJUHuaFNJkrFv/CNZt+2EPaml2pDuCzk4NSkKdhvB5YSAABtmAnckOKI00CGnFR2FwKjI3XQTEowPVeq5Qw=", - "size": 256, - "type_name": "ECDH", - "x": "Dw2YlQe5oU0mSsW/8I1m37YQ9qaXakO4LOTg1KQp2G8=", - "y": "B5YSAABtmAnckOKI00CGnFR2FwKjI3XQTEowPVeq5Qw=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BP9S1JUWRiUftVZmlol4bhCCc2LujCiRScc3BFqjO1T2LiezOA/o8+UW40pAJ8hZGTxweuUzt+BDsb42suTFk00=", - "size": 256, - "type_name": "ECDH", - "x": "/1LUlRZGJR+1VmaWiXhuEIJzYu6MKJFJxzcEWqM7VPY=", - "y": "LiezOA/o8+UW40pAJ8hZGTxweuUzt+BDsb42suTFk00=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLux7KVHgu20vlGachmGKCfekZmI0B5suuY2nvkjMf/p70AQJAb3PU9BZhmO3vs8BxIHKgejW8ds7eTSUPjruKc=", - "size": 256, - "type_name": "ECDH", - "x": "u7HspUeC7bS+UZpyGYYoJ96RmYjQHmy65jae+SMx/+k=", - "y": "70AQJAb3PU9BZhmO3vs8BxIHKgejW8ds7eTSUPjruKc=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJgg0Kd8N7/dLuwN7dfH75bVlIL4hWezBVSJS03BtNk6HaUsBAx1bVWWaXn71NZrWsGVlpjcVXqDrBBfoXACpn4=", - "size": 256, - "type_name": "ECDH", - "x": "mCDQp3w3v90u7A3t18fvltWUgviFZ7MFVIlLTcG02To=", - "y": "HaUsBAx1bVWWaXn71NZrWsGVlpjcVXqDrBBfoXACpn4=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BPrP7ZEl5Q/V4uKdPnjEbwLozjNtUcmYEqIhnvl2qNaILM9JI0ybAiK9fLeQH76kLVh/HywgT4YP604cCHo6xeY=", - "size": 256, - "type_name": "ECDH", - "x": "+s/tkSXlD9Xi4p0+eMRvAujOM21RyZgSoiGe+Xao1og=", - "y": "LM9JI0ybAiK9fLeQH76kLVh/HywgT4YP604cCHo6xeY=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJqzJrOWuEJzgEF8TOQTu6+dnDfhOMy885ufK0u+ChV8QkHEYbEuEiyxYe+T6Y3yIk6/d09Xkq2CwhThG9oi86I=", - "size": 256, - "type_name": "ECDH", - "x": "mrMms5a4QnOAQXxM5BO7r52cN+E4zLzzm58rS74KFXw=", - "y": "QkHEYbEuEiyxYe+T6Y3yIk6/d09Xkq2CwhThG9oi86I=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "NdUBqKVUYH1A4Wvi6KdmIQd4Y6E88IDpKATbzN5mUXt505Ohr/5iEbpzpuWDejn3ypX7QmeUJwjmG9+T1c4AIT6ELOch1nfjTcK0jlpXHkXPci9smkZuF5d0f0s27DCuJDSo9QoV2ozvnMW2PbmkKHhTj2g3z9anAo1P2Sxo+d20EwJKq8sdmruznxUFD24a+IqKzlicCODr27glqFuvtAVqzOXYFwnzYs3fNerrBvnCPeA5FSTKRPNLWhRSoyaC2K7ERtErve9C5sX2wb4fKiO6h39/vIaIFg7tezRCxj2WBt0R4mYuKWSp079rXFoVKoJ0hglFGyrFI6hPPujxMw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "ibYP/CZ7BwfW0GGaW4HaikZABVYw/cImJmerL7PbyW4XvIgTIUlwN+gWeXx3PbndWDFQBAxQwfKIxWe/qN1NLJ0uYWQ4hLNIS9RibL6M7/dT0gaU7tXLR2HWkA+7iPuYEx2mg5guc8EdvTaR7xjknYpShOnamK3fWuiC17nm9kiP+Y9WNNDMZ+7MQywARNOeuffU4LQ5VjQOSWurzD/dmEF+fg6v2elJivctii/I0v7qM2oGu8kTvue3O/QEx4SXh6tkAcFw2HxQZ2xaSaQDvPJgkwbTEGbp+smO29PsQcxQtnna2Qi8nVwkHJNEIIo0m0kltItePoux9LbCxd9aaQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "IS4LNxO66psY+3KyhIr0XjO/dCcjWWTTjuhnbp052Q1h1A1/me8MD5eX77TZK3rOULJnX6asq4tw/m3QnG1u4ojNktEH3YafbKuSkBuFiJrqPXgZhScLu3id78UagpjLwb83jzIPaU+qUJYluQTtZgSTU1hszN1ynCUU3wKIhH24YZ81w8zELxkrHblbe1GPb2mtaTcIKjkVC8I22lkHykgZsmvm6LbJQ4a5MJWBUi6kLKMit3S1xFHhi8y2hJxIqs8pS+lSKrDK3yYLoMwCFJ+SikHw/Mi6MfOYOMqZBsciQogBIHypSFxcYKPnWnRgtrIToQ77sOpTz6dZEe5NIg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "RqwpPVm1Qlks3Lpn2MZtSyKxbpqVXKOZ7I2kiX0UE3Eina/6plUhI+UlBPPq6wSC2d8C+goa+GZYtBU5hUzE3hOJY65qU1as9TnOYw4pHjo7HPVTiwZXtGgeru/nLgJ6QhHC0RleHYX6Is995MBeb62in0q2+EUfYRHVeS6Cfao6UeSUFL9bH3Uo63SVuFc5vjCBnITNdax7oDpgCjqOQgDWChBcXYmGpI/RigbjXrPoEnw+a5iaMBk/pGgXhCtmhdpIK852hPLgOfUem6csU3U+8UNbvK2bruyeTgfunerGahU5bKfWcZ5Vrk007IsEwNBgBHgpTq9kOdoxmMCXYw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "mdAl0xl6HSb5czKpMxmejf8/8BkPJ45XrXKnBz7x1snAT90c7CVhpiFoxa1J0pE7DRv17RJdai4GtLwVXHkNHSyfoNAgEU2NPa/3YxG2L0DFP/sFswehfbD7TJpSMzFvVMxk+zo0rvcvqrAk2ltFwSboAeHJ3sveRfSxJzF144d13BIFGeoJPi1cKw7c8GbX+wt5/R/jUBDICM9DJby6GiQldn/OIJIJ/2Su7me1NLoTOxkdLDrM93qQjHCJOyD4O828TGXoO7JNblFvRJWHe2sKPdMxYIXi2dC5YesG3lUvSOe2L+A6BzG09NJGVuGVa174oZPwV/HXbriLBYGdEA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "rCZtsDLdNzPLNU59JaoJldMJSM5hK5JQRRqfQaMR26yNWjQR22WDoi7SNtjpa4RQ/hKdG1Zpr3L83jQ/AJwpsz66WrjSgTESNxNWWeNuoNeciG8E+uUV2Al9NI4e93MJqqANe9utk39k605mR9UFgDKugU/QsRT/tdRnMtGoTdAQbCCyLyRA3/Kcpv4FAf8o1uEDIYMI6c34vgL76w4WmVfyd9jge/i+gJsMbUHfJ3G4YxVX+6hr4J3lfFS9XjFzX62tSvSR8ii3rS0Yq4lAJk1oQIvdj4Lgw3ne1/hOA2Uz1GKfCrfne5Cs/OO/YE6CH+nxss89msza2On1fK3Yig==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "HQcRQ9Qsg8wHKchCMIeL63KLBg4pZqgDZZ4Cw7naFK0At9dnO8QkYDFLdV3Z/MUqLKd9BRLVaDL+jBOoW3UkrW5aYzHlHseUUAqdiqgM9aWN8bRIgfNrjrbuet38SRMmMPhmLZ+kMMnUMvL1+TXkUcFzY2dnyVKQJdcVPQPCupnIa6jFHSLHyVN5SZg6vcgfB+4tPlkD704ZAhMnIyOCe3X7H/FZ+hm0iHe5JPsumOp5DgikDmgR8r4R8MqckL8c8EW3Tq2mfwQbsaZhzP2FhNNZS5PqzQseD+rrCh38GdmJKXPmiqdvS6Dut4bq7QKyozR9yN71dnvRormJ/P9q1Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Ji/pbQnl42aQKdiWGBitPsXRu+2rNuXj3yT8MO79F/Oc/1BGa2VeH1XQmOmd6dgaQG8Mxs7ZJt4hd2R+/YF/kdhznB0CLVoUWHmwb5klp4AmuUKTms1HdwgV6FoSbm4hpIKH7wNCuNUxpzldKrComlUxeyyoYWg6RaNZqJAym4AI5jZUSzOCn7gXDkQygB12q3gvzbdGidmkpfBjAwv3FAESJn64HiXYJ02e+8y2MS1/oD5rFAxypcu9f1LqorDX4cBST7IVr5XOx6fe0d8vsMJsfYDRU9sNH1QuYpL2+/vIz5+dqDoVjJZ2i/mGzMO5p0gmk+oXcZt1iOvt4RVXSQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" - }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" - }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "Connection to server timed out during the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDlEGogmc0/J/bmje2uxPXw3wBZADOxa3gsEGMY+7hPsGg41HYtSx6NgbBBGupDH8L0lGZP5WTmf4+Apt6PqcpQ=", + "size": 256, + "type_name": "ECDH", + "x": "OUQaiCZzT8n9uaN7a7E9fDfAFkAM7FreCwQYxj7uE+w=", + "y": "Gg41HYtSx6NgbBBGupDH8L0lGZP5WTmf4+Apt6PqcpQ=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKerjmxZgSQ0MmquhjRxz67raf6wX1+DJUj+IUmhQqxBAI+dS0St02uVc5xTYhjBL0QTFOSbFaMSHaK7SGgP5ek=", + "size": 256, + "type_name": "ECDH", + "x": "p6uObFmBJDQyaq6GNHHPrutp/rBfX4MlSP4hSaFCrEE=", + "y": "j51LRK3Ta5VznFNiGMEvRBMU5JsVoxIdortIaA/l6Q==" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BIfTTPGViBj/CRMwYmn3go1GJSyymAyedFboq4/IMQ/p8LN4iwbXCJidAiDRuyBcNmUvhevd9DmmZkTtP1zeJmc=", + "size": 256, + "type_name": "ECDH", + "x": "h9NM8ZWIGP8JEzBiafeCjUYlLLKYDJ50Vuirj8gxD+k=", + "y": "8LN4iwbXCJidAiDRuyBcNmUvhevd9DmmZkTtP1zeJmc=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "bP1/Q1WMazA241BIbG6FxW6bocLADQIRLe6hZ878ikMbnYSc6Zu80ftSrdWYWv6hDcqg0LJ+IpOosNJp2rbg9ghWH3KKzfjli6x2M3+JRM2W+0FF6ZHm8b5iqRhm+ZrpRz8aKr8kMyP6wwA2qgNbTrGSBl7EipaMHWS+x3KE1eRD/k0pX+kmNGxo9L7v4sRWNxAF6cX3yWD7xFmako+PzjVfCoiLeyAvZwXqYNqJTs5o/FD+7NdQk0t3vI7r9bCHpqrbJ1dNTGma4+8LCCrdj5RIIhkIgvGkEpClt1d7xq/AIJxI2sbzGLCk0ui8hx0R8dIWJ8D4soGW/o/bYLNzjQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "OM4fOd3faTQZmpvReoPk9N46v425WI99cr0tvXw/PBFAsLj2RDoOW3PuMX4yAyidJKQeQzpAb+Gjyal5meoL6DzD0DyiXlSnwddVzlFSfWrhEolPUCXhcs7tJ/LaclqTZ+zrxv1SLsWDhdSPY0MC+sMXAQfHcIwXbaPA0h8IjAwmJFMe8rVhrz/LeZRm7ANgJ7XTsMw1Qkxlka+ZGxYZnIf+VPtR4Lyc9TG+XsKZILUJhE//bHYkGejtPd85QnCkSPmE6k8waM+WUDdFk/FcfDK5oqg+I/mfhoTiJOpXzKWfM87JLhURYu6dQioDjbNmCrRvxVaajH1ejLxMmu2+qg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "SnGWM3drfk1YkyCQK+4Y/MURI4EzATT4MbrGOt5ZscH64etTw18px0Qy5hFSW8uE/zLNymnA3dr9tYkzK0tDTLUia47RyPn3Kk66l4OBX9hUDRFTz74PzHrNcQvXr5QwOaxZXJtAsMixUfDXyRMwiDn01hRE8QANfLknmtUNQQCYMyESR0v2wpUfABb+66/Nd7LQty8Gz4mvzd/GuPk3SBid04BO6BLAttdz4tB7b26jUBskUoD1yVTRTUcbJVdPqeET15kSwnoLI6RfYWqhycrPmkCik2XuRR4s0BkcvwTjdiCQca7SPbYgDNLaWeqtByk5+dWId0FeMLy7Wgf9Kw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "IZ6liiR8kWPIs9AFlwfGVJp7UZloIFkkeekupAPeZqwpbmQ5Q6SJbp/SUsxbXB+VsF/1FCu9uYMES/jPXyVsnYEl5lgaOLbsWVCDefjb1m/rQrWjszyWT2shKWWDhjim38aCxHsvrOWX8QKB85NVXVERGRY5D23EdowBuJDsgX2nb63FsZ5mG/DSup4dfv+raeXOycLwQyyilIOGDTtgCJ/KCflkeVt2PRp6VgKZ2WT0jaT1upk5nkGrhiznYaZaKiZNNLWJ2kaJQWWABdolMRwmPE4j5sQiwf5eExm18uULFQqrux4XXyFis2bPalzo7XgJkAQLzM5DW/4iuL9bPA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BK7hl7EcfLYxU10qC4ZqwnzXKdWhiKAgUAndoEK+bYF53nmfqGtEmgQBvNDs+y0MeP3NPZx0OUl1/D2C5rSq5/w=", + "size": 256, + "type_name": "ECDH", + "x": "ruGXsRx8tjFTXSoLhmrCfNcp1aGIoCBQCd2gQr5tgXk=", + "y": "3nmfqGtEmgQBvNDs+y0MeP3NPZx0OUl1/D2C5rSq5/w=" } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "tls-v1-0.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "b11b6eb6-6cec-4608-88cf-afc4b55fee7b" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDpeDvsDAkdq6bf47Nd9f9ExvI5hNmrtKRcWCzZx+2K+Mrtg6iYgCyIOcC9i8YSBUkFuICHTYBAmhbiZQ3r+rMk=", + "size": 256, + "type_name": "ECDH", + "x": "Ol4O+wMCR2rpt/js131/0TG8jmE2au0pFxYLNnH7Yr4=", + "y": "Mrtg6iYgCyIOcC9i8YSBUkFuICHTYBAmhbiZQ3r+rMk=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJWGi+d+IKImqrDjdpqFbOMX3wl0fmvTmG0EGkwTciuXmtNnty0VeIfQ3bBhHXR13zc2X9EmwABxRAosT4jPu4o=", + "size": 256, + "type_name": "ECDH", + "x": "lYaL534goiaqsON2moVs4xffCXR+a9OYbQQaTBNyK5c=", + "y": "mtNnty0VeIfQ3bBhHXR13zc2X9EmwABxRAosT4jPu4o=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "HMyhVP+8Qhox681553fpRRHECnGGsf+C9xATQJ2bZATlGCHzcvMHTq9dqC8MrgDPmJQcnhK6YmJY4ZM0lruXV1fDtGZlfROXX/HHQIJLQJ+FBA2UiMLpa+30StaS8FX4m+WXEJTpDIoG5TSz60y92vm28uxpxT23WcXPW+YA5U3UTK7YX9eSL1ooq6mnEtKRmHrfkW0tqaTtQ389JIM7LneD3H54+Iksh0r7FOF++U4bLllUomDc2F7eMDLl5OPRmmE39DglNhCZO8XvYGGSjpvYQAdPzV1bstS/K2r/sdNVTPAYyxHcu0R9rlU52ZP/OgipXIf7dxjJRXV1sjSsxw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "lXIX3bX3bPc06GLf8RQL6zbadB2jAslqLl9nhHTn3a1kiuJRdICFfyGZs3D8D6IBUykKTcqgTV0XT2pI8dpQpLxU4w/gjs8flCPlNSCGpEd60YzUkzTJX6GfItbtX2XIDjJd83hYQB2fTMuQ6gwweNOTcnJ/UeWleqhClG2C43euj0e4VdRVX73je9UAMR+HMBkGYSV+NpqgicairKztj8AxUS6Cv5z1/LczSbVR6juiGZ7x9eOC0eZKxHrmTnao+wXUG4eQNbzYbMwxLYnhCeqTM8wJYnxuqE02GI7LL/cr16eIY2PX1KL+zD/e20YcofiNLnAxOx5VidqahDBUyQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "tgA+CaN1SFFiyzxmWv0vIEBbauroboJYdBdgG9hPMzYXD05l1ZUcvBqkaCSU7Nyk3FnYjigIa9OVxS3zDTEwvvdgSTC5+4TCxkgRZdtB+LYMGlFm+yeDfjOIqaDs589Kyo57K95V1FHE6si2QJ9f7C97JA+q+5QELUvgo/rvU+48+FW6/KLUTMhYLbghFilRHnMPbd4PNJBoxR9Cwdafr54mUOkj2jVULbCP4Kro+2WcsrgOnJWMr3/fj4jB3qngpKAhW6YzVio4zFmZf2hLtX2IZ1UaIhZixjXi4c7ewvP7wc83ZO+rvhrLH2PLUlAdtdpEHAfX3lQpkZewU3Y16Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "P6gaQ0TaSJ0YLJ51ltqZlQl3x6NnJfvuU5ymzrEqBPcDmNfZC9VKqoJRtJmWsiLJ1S8z99UB+yqclBJRsbQJbD+H0kJA8/xXtYEUypQAyEOzM3MJgcDUQ/L7SqHYD+a5eYpy9zoRfHWtFRH0uBZU8evUOoqIjV4R0FxaxcYltcSVbjknC5mMCf3Qjb5Fg1iGEXnwCikYSmAt+6X16LMbGGuzaZMuUyqU4Ee9K6NCTIj4k3ZpgeSKs72/7TOy0q8C87xlpOhAYCHRb6LAOw8xJlJvIviIbfiu6iAZFrdyX6VN/2laqmzcSqPfst9mktsMaRUak1AzXq1E5wrDhl2aeQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMBUPXD2SzGChhwJ/gRaEx5hiI7uZPGbxVa0BI+ciE2/jyy3G+yQamQJHEIBW7mQvqWjMgCVkOuYMCYIeUW89uw=", + "size": 256, + "type_name": "ECDH", + "x": "wFQ9cPZLMYKGHAn+BFoTHmGIju5k8ZvFVrQEj5yITb8=", + "y": "jyy3G+yQamQJHEIBW7mQvqWjMgCVkOuYMCYIeUW89uw=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BA8NmJUHuaFNJkrFv/CNZt+2EPaml2pDuCzk4NSkKdhvB5YSAABtmAnckOKI00CGnFR2FwKjI3XQTEowPVeq5Qw=", + "size": 256, + "type_name": "ECDH", + "x": "Dw2YlQe5oU0mSsW/8I1m37YQ9qaXakO4LOTg1KQp2G8=", + "y": "B5YSAABtmAnckOKI00CGnFR2FwKjI3XQTEowPVeq5Qw=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BP9S1JUWRiUftVZmlol4bhCCc2LujCiRScc3BFqjO1T2LiezOA/o8+UW40pAJ8hZGTxweuUzt+BDsb42suTFk00=", + "size": 256, + "type_name": "ECDH", + "x": "/1LUlRZGJR+1VmaWiXhuEIJzYu6MKJFJxzcEWqM7VPY=", + "y": "LiezOA/o8+UW40pAJ8hZGTxweuUzt+BDsb42suTFk00=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLux7KVHgu20vlGachmGKCfekZmI0B5suuY2nvkjMf/p70AQJAb3PU9BZhmO3vs8BxIHKgejW8ds7eTSUPjruKc=", + "size": 256, + "type_name": "ECDH", + "x": "u7HspUeC7bS+UZpyGYYoJ96RmYjQHmy65jae+SMx/+k=", + "y": "70AQJAb3PU9BZhmO3vs8BxIHKgejW8ds7eTSUPjruKc=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJgg0Kd8N7/dLuwN7dfH75bVlIL4hWezBVSJS03BtNk6HaUsBAx1bVWWaXn71NZrWsGVlpjcVXqDrBBfoXACpn4=", + "size": 256, + "type_name": "ECDH", + "x": "mCDQp3w3v90u7A3t18fvltWUgviFZ7MFVIlLTcG02To=", + "y": "HaUsBAx1bVWWaXn71NZrWsGVlpjcVXqDrBBfoXACpn4=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BPrP7ZEl5Q/V4uKdPnjEbwLozjNtUcmYEqIhnvl2qNaILM9JI0ybAiK9fLeQH76kLVh/HywgT4YP604cCHo6xeY=", + "size": 256, + "type_name": "ECDH", + "x": "+s/tkSXlD9Xi4p0+eMRvAujOM21RyZgSoiGe+Xao1og=", + "y": "LM9JI0ybAiK9fLeQH76kLVh/HywgT4YP604cCHo6xeY=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJqzJrOWuEJzgEF8TOQTu6+dnDfhOMy885ufK0u+ChV8QkHEYbEuEiyxYe+T6Y3yIk6/d09Xkq2CwhThG9oi86I=", + "size": 256, + "type_name": "ECDH", + "x": "mrMms5a4QnOAQXxM5BO7r52cN+E4zLzzm58rS74KFXw=", + "y": "QkHEYbEuEiyxYe+T6Y3yIk6/d09Xkq2CwhThG9oi86I=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "NdUBqKVUYH1A4Wvi6KdmIQd4Y6E88IDpKATbzN5mUXt505Ohr/5iEbpzpuWDejn3ypX7QmeUJwjmG9+T1c4AIT6ELOch1nfjTcK0jlpXHkXPci9smkZuF5d0f0s27DCuJDSo9QoV2ozvnMW2PbmkKHhTj2g3z9anAo1P2Sxo+d20EwJKq8sdmruznxUFD24a+IqKzlicCODr27glqFuvtAVqzOXYFwnzYs3fNerrBvnCPeA5FSTKRPNLWhRSoyaC2K7ERtErve9C5sX2wb4fKiO6h39/vIaIFg7tezRCxj2WBt0R4mYuKWSp079rXFoVKoJ0hglFGyrFI6hPPujxMw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "ibYP/CZ7BwfW0GGaW4HaikZABVYw/cImJmerL7PbyW4XvIgTIUlwN+gWeXx3PbndWDFQBAxQwfKIxWe/qN1NLJ0uYWQ4hLNIS9RibL6M7/dT0gaU7tXLR2HWkA+7iPuYEx2mg5guc8EdvTaR7xjknYpShOnamK3fWuiC17nm9kiP+Y9WNNDMZ+7MQywARNOeuffU4LQ5VjQOSWurzD/dmEF+fg6v2elJivctii/I0v7qM2oGu8kTvue3O/QEx4SXh6tkAcFw2HxQZ2xaSaQDvPJgkwbTEGbp+smO29PsQcxQtnna2Qi8nVwkHJNEIIo0m0kltItePoux9LbCxd9aaQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "IS4LNxO66psY+3KyhIr0XjO/dCcjWWTTjuhnbp052Q1h1A1/me8MD5eX77TZK3rOULJnX6asq4tw/m3QnG1u4ojNktEH3YafbKuSkBuFiJrqPXgZhScLu3id78UagpjLwb83jzIPaU+qUJYluQTtZgSTU1hszN1ynCUU3wKIhH24YZ81w8zELxkrHblbe1GPb2mtaTcIKjkVC8I22lkHykgZsmvm6LbJQ4a5MJWBUi6kLKMit3S1xFHhi8y2hJxIqs8pS+lSKrDK3yYLoMwCFJ+SikHw/Mi6MfOYOMqZBsciQogBIHypSFxcYKPnWnRgtrIToQ77sOpTz6dZEe5NIg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "RqwpPVm1Qlks3Lpn2MZtSyKxbpqVXKOZ7I2kiX0UE3Eina/6plUhI+UlBPPq6wSC2d8C+goa+GZYtBU5hUzE3hOJY65qU1as9TnOYw4pHjo7HPVTiwZXtGgeru/nLgJ6QhHC0RleHYX6Is995MBeb62in0q2+EUfYRHVeS6Cfao6UeSUFL9bH3Uo63SVuFc5vjCBnITNdax7oDpgCjqOQgDWChBcXYmGpI/RigbjXrPoEnw+a5iaMBk/pGgXhCtmhdpIK852hPLgOfUem6csU3U+8UNbvK2bruyeTgfunerGahU5bKfWcZ5Vrk007IsEwNBgBHgpTq9kOdoxmMCXYw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "mdAl0xl6HSb5czKpMxmejf8/8BkPJ45XrXKnBz7x1snAT90c7CVhpiFoxa1J0pE7DRv17RJdai4GtLwVXHkNHSyfoNAgEU2NPa/3YxG2L0DFP/sFswehfbD7TJpSMzFvVMxk+zo0rvcvqrAk2ltFwSboAeHJ3sveRfSxJzF144d13BIFGeoJPi1cKw7c8GbX+wt5/R/jUBDICM9DJby6GiQldn/OIJIJ/2Su7me1NLoTOxkdLDrM93qQjHCJOyD4O828TGXoO7JNblFvRJWHe2sKPdMxYIXi2dC5YesG3lUvSOe2L+A6BzG09NJGVuGVa174oZPwV/HXbriLBYGdEA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "rCZtsDLdNzPLNU59JaoJldMJSM5hK5JQRRqfQaMR26yNWjQR22WDoi7SNtjpa4RQ/hKdG1Zpr3L83jQ/AJwpsz66WrjSgTESNxNWWeNuoNeciG8E+uUV2Al9NI4e93MJqqANe9utk39k605mR9UFgDKugU/QsRT/tdRnMtGoTdAQbCCyLyRA3/Kcpv4FAf8o1uEDIYMI6c34vgL76w4WmVfyd9jge/i+gJsMbUHfJ3G4YxVX+6hr4J3lfFS9XjFzX62tSvSR8ii3rS0Yq4lAJk1oQIvdj4Lgw3ne1/hOA2Uz1GKfCrfne5Cs/OO/YE6CH+nxss89msza2On1fK3Yig==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "HQcRQ9Qsg8wHKchCMIeL63KLBg4pZqgDZZ4Cw7naFK0At9dnO8QkYDFLdV3Z/MUqLKd9BRLVaDL+jBOoW3UkrW5aYzHlHseUUAqdiqgM9aWN8bRIgfNrjrbuet38SRMmMPhmLZ+kMMnUMvL1+TXkUcFzY2dnyVKQJdcVPQPCupnIa6jFHSLHyVN5SZg6vcgfB+4tPlkD704ZAhMnIyOCe3X7H/FZ+hm0iHe5JPsumOp5DgikDmgR8r4R8MqckL8c8EW3Tq2mfwQbsaZhzP2FhNNZS5PqzQseD+rrCh38GdmJKXPmiqdvS6Dut4bq7QKyozR9yN71dnvRormJ/P9q1Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Ji/pbQnl42aQKdiWGBitPsXRu+2rNuXj3yT8MO79F/Oc/1BGa2VeH1XQmOmd6dgaQG8Mxs7ZJt4hd2R+/YF/kdhznB0CLVoUWHmwb5klp4AmuUKTms1HdwgV6FoSbm4hpIKH7wNCuNUxpzldKrComlUxeyyoYWg6RaNZqJAym4AI5jZUSzOCn7gXDkQygB12q3gvzbdGidmkpfBjAwv3FAESJn64HiXYJ02e+8y2MS1/oD5rFAxypcu9f1LqorDX4cBST7IVr5XOx6fe0d8vsMJsfYDRU9sNH1QuYpL2+/vIz5+dqDoVjJZ2i/mGzMO5p0gmk+oXcZt1iOvt4RVXSQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "tls-v1-0.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "b11b6eb6-6cec-4608-88cf-afc4b55fee7b" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/unavailable-host.json b/scanners/sslyze/parser/__testFiles__/unavailable-host.json index 8a02569a55..241ce42cad 100644 --- a/scanners/sslyze/parser/__testFiles__/unavailable-host.json +++ b/scanners/sslyze/parser/__testFiles__/unavailable-host.json @@ -1,31 +1,31 @@ { - "date_scans_completed": "2021-12-22T13:01:32.278576", - "date_scans_started": "2021-12-22T13:01:32.266801", - "server_scan_results": [ - { - "connectivity_error_trace": "Traceback (most recent call last):\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/scanner/_mass_connectivity_tester.py\", line 106, in run\n tls_probing_result = check_connectivity_to_server(\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/server_connectivity.py\", line 76, in check_connectivity_to_server\n tls_detection_result = _detect_support_for_tls_1_3(\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/server_connectivity.py\", line 232, in _detect_support_for_tls_1_3\n ssl_connection.connect(should_retry_connection=False)\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/connection_helpers/tls_connection.py\", line 272, in connect\n raise ServerRejectedConnection(\nsslyze.errors.ServerRejectedConnection: 192.168.0.107:443 -> \"Server rejected the connection\".\n", - "connectivity_result": null, - "connectivity_status": "ERROR", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "192.168.0.107", - "xmpp_to_hostname": null - }, - "scan_result": null, - "scan_status": "ERROR_NO_CONNECTIVITY", - "server_location": { - "connection_type": "DIRECT", - "hostname": "192.168.0.107", - "http_proxy_settings": null, - "ip_address": "192.168.0.107", - "port": 443 - }, - "uuid": "69e91554-cc92-4c4d-924a-63a747935e92" - } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + "date_scans_completed": "2021-12-22T13:01:32.278576", + "date_scans_started": "2021-12-22T13:01:32.266801", + "server_scan_results": [ + { + "connectivity_error_trace": "Traceback (most recent call last):\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/scanner/_mass_connectivity_tester.py\", line 106, in run\n tls_probing_result = check_connectivity_to_server(\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/server_connectivity.py\", line 76, in check_connectivity_to_server\n tls_detection_result = _detect_support_for_tls_1_3(\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/server_connectivity.py\", line 232, in _detect_support_for_tls_1_3\n ssl_connection.connect(should_retry_connection=False)\n File \"/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/connection_helpers/tls_connection.py\", line 272, in connect\n raise ServerRejectedConnection(\nsslyze.errors.ServerRejectedConnection: 192.168.0.107:443 -> \"Server rejected the connection\".\n", + "connectivity_result": null, + "connectivity_status": "ERROR", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "192.168.0.107", + "xmpp_to_hostname": null + }, + "scan_result": null, + "scan_status": "ERROR_NO_CONNECTIVITY", + "server_location": { + "connection_type": "DIRECT", + "hostname": "192.168.0.107", + "http_proxy_settings": null, + "ip_address": "192.168.0.107", + "port": 443 + }, + "uuid": "69e91554-cc92-4c4d-924a-63a747935e92" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json b/scanners/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json index 5bba6446a2..cb08a24c83 100644 --- a/scanners/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json +++ b/scanners/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json @@ -1,4734 +1,4731 @@ { - "date_scans_completed": "2021-12-22T13:01:41.243173", - "date_scans_started": "2021-12-22T13:00:54.202468", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "untrusted-root.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 0, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": "self signed certificate in certificate chain", - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate in certificate chain", - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate in certificate chain", - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate in certificate chain", - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - }, - { - "openssl_error_string": "self signed certificate in certificate chain", - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": null, - "was_validation_successful": false - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIEmTCCAoGgAwIBAgIJAMJ1vCpOBAlkMA0GCSqGSIb3DQEBCwUAMIGBMQswCQYD\nVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j\naXNjbzEPMA0GA1UECgwGQmFkU1NMMTQwMgYDVQQDDCtCYWRTU0wgVW50cnVzdGVk\nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTIxMTIwNDAwMDgxOVoXDTIz\nMTIwNDAwMDgxOVowYjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx\nFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDzANBgNVBAoMBkJhZFNTTDEVMBMGA1UE\nAwwMKi5iYWRzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nwgTs+IzuBMKz2FDVcFjMkxjrXKhoSbAitfmVnrErLHY+bMBLYExM6rK0wA+AtrD5\ncsmGAvlcQV0TK39xxEu86ZQuUDemZxxhjPZBQsVG0xaHJ5906wqdEVImIXNshEx5\nVeTRa+gGPUgVUq2zKNuq/27/YJVKd2s58STRMbbdTcDE/FO5bUKttXz+rvUV0jNI\n5yJxx8IUemwo6jdK3+pstXK0flqiFtxpsVdE2woSq97DD0d0XEEi4Zr5G5PmrSIG\nKS6xukkcDCeeo/uL90ByAKySCNmMV4RTgQXL5v5rVJhAJ4XHELtzcO9pGEEHRVV8\n+WQ/PSzDqXzrkxpMhtHKhQIDAQABozIwMDAJBgNVHRMEAjAAMCMGA1UdEQQcMBqC\nDCouYmFkc3NsLmNvbYIKYmFkc3NsLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEADVgB\nIas+fb/Ckdnw5iSYsfRIcfhnTBNgvroorUQe09Psx0tAbjlIYqOCtloNhvCbJYa7\ntQQOO65s7RKArpAA1qoapWfDti2aHuMNvGwImwX538RiLf4Rm4MEF6vuF6MZMH/u\nTs1iugB3+d7oSWl/K+RvA4NMRNrlxOLelBJwaTsExsQ5QalpPamongnyWXHZ2Sna\ndsw9hBku9ZmlRqYOCE/TajsydqCIhCc2QC5xdd3fxXlcfq5h7G0oOuCYvW7BscTk\nAQZYkwS+y3mTHF9wSlxJB4iEGC0NovdM5GsVgfvZ5+jtXGuDlsphAIFLxpIJi1bR\n+NsAkEthHoQZDNttvtVJPFPp83PdRDmL6IwrbbXvAwZWWgYmS6HpbF5bxR09JIOA\nKttGK1wnd6bh2d9Xy6kfoxZ1gz6i2y5OpxbMoi6z8o1Y2hSOv2kgnD2fxtR9X4OO\nwrwWZWnhwsiq7pnZbZiA9GFR4tKZVcJ5ny5aul/MZ0wb5MST7wHW/7qhydfBpOy6\nhZ5BSbwfmBao+CJ7NxNJb5c03W5+/Vf1uxXZhodpag6Z5p0rru0v7ea9nMk5dNUm\nqR+2XGwzDk9n8jCWwfvSKCa77rf2HqKi8ZaQN/NRp7uVqfY++JVI+h3CLyMk8wTL\nFifbLPKbSCW7PAFEfM3wh76VQg1CHpHOPVp/wno=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "NHl/fIcVNzR2aZnuVUBmhJpEzrk=", - "fingerprint_sha256": "AkYkLmjJ3wEps5x7bqlVBshHBgHD+c0ZwxOtcHR61CM=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", - "value": "BadSSL Untrusted Root Certificate Authority" - } - ], - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "not_valid_after": "2023-12-04T00:08:19", - "not_valid_before": "2021-12-04T00:08:19", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14012312705516702052, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGfjCCBGagAwIBAgIJAJeg/PrX5Sj9MA0GCSqGSIb3DQEBCwUAMIGBMQswCQYD\nVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j\naXNjbzEPMA0GA1UECgwGQmFkU1NMMTQwMgYDVQQDDCtCYWRTU0wgVW50cnVzdGVk\nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTE2MDcwNzA2MzEzNVoXDTM2\nMDcwMjA2MzEzNVowgYExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh\nMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQKDAZCYWRTU0wxNDAyBgNV\nBAMMK0JhZFNTTCBVbnRydXN0ZWQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw\nggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKQtPMhEH073gis/HISWAi\nbOEpCtOsatA3JmeVbaWal8O/5ZO5GAn9dFVsGn0CXAHR6eUKYDAFJLa/3AhjBvWa\ntnQLoXaYlCvBjodjLEaFi8ckcJHrAYG9qZqioRQ16Yr8wUTkbgZf+er/Z55zi1yn\nCnhWth7kekvrwVDGP1rApeLqbhYCSLeZf5W/zsjLlvJni9OrU7U3a9msvz8mcCOX\nfJX9e3VbkD/uonIbK2SvmAGMaOj/1k0dASkZtMws0Bk7m1pTQL+qXDM/h3BQZJa5\nDwTcATaa/Qnk6YHbj/MaS5nzCSmR0Xmvs/3CulQYiZJ3kypns1KdqlGuwkfiCCgD\nyWJy7NE9qdj6xxLdqzne2DCyuPrjFPS0mmYimpykgbPnirEPBF1LW3GJc9yfhVXE\nCc8OY8lWzxazDNNbeSRDpAGbBeGSQXGjAbliFJxwLyGzZ+cG+G8lc+zSvWjQu4Xp\nGJ+dOREhQhl+9U8oyPX34gfKo63muSgo539hGylqgQyzj+SX8OgK1FXXb2LS1gxt\nVIR5Qc4MmiEG2LKwPwfU8Yi+t5TYjGh8gaFv6NnksoX4hU42gP5KvjYggDpR+NSN\nCGQSWHfZASAYDpxjrOo+rk4xnO+sbuuMk7gORsrl+jgRT8F2VqoR9Z3CEdQxcCjR\n5FsfTymZCk3GfIbWKkaeLQIDAQABo4H2MIHzMB0GA1UdDgQWBBRvx4NzSbWnY/91\n3m1u/u37l6MsADCBtgYDVR0jBIGuMIGrgBRvx4NzSbWnY/913m1u/u37l6MsAKGB\nh6SBhDCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV\nBAcMDVNhbiBGcmFuY2lzY28xDzANBgNVBAoMBkJhZFNTTDE0MDIGA1UEAwwrQmFk\nU1NMIFVudHJ1c3RlZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eYIJAJeg/PrX\n5Sj9MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IC\nAQBQU9U8+jTRT6H9AIFm6y50tXTg/ySxRNmeP1Ey9Zf4jUE6yr3Q8xBv9gTFLiY1\nqW2qfkDSmXVdBkl/OU3+xb5QOG5hW7wVolWQyKREV5EvUZXZxoH7LVEMdkCsRJDK\nwYEKnEErFls5WPXY3bOglBOQqAIiuLQ0f77a2HXULDdQTn5SueW/vrA4RJEKuWxU\niD9XPnVZ9tPtky2Du7wcL9qhgTddpS/NgAuLO4PXh2TQ0EMCll5reZ5AEr0NSLDF\nc/koDv/EZqB7VYhcPzr1bhQgbv1dl9NZU0dWKIMkRE/T7vZ97I3aPZqIapC2ulrf\nKrlqjXidwrGFg8xbiGYQHPx3tHPZxoM5WG2voI6G3s1/iD+B4V6lUEvivd3f6tq7\nd1V/3q1sL5DNv7TvaKGsq8g5un0TAkqaewJQ5fXLigF/yYu5a24/GUD783MdAPFv\ngWz8F81evOyRfpf9CAqIswMF+T6Dwv3aw5L9hSniMrblkg+ai0K22JfoBcGOzMtB\nKe/Ps2Za56dTRoY/a4r62hrcGxufXd0mTdPaJLw3sJeHYjLxVAYWQq4QKJQWDgTS\ndAEWyN2WXaBFPx5c8KIW95Eu8ShWE00VVC3oA4emoZ2nrzBXLrUScifY6VaYYkkR\n2O2tSqU8Ri3XRdgpNPDWp8ZL49KhYGYo3R/k98gnMHiY5g==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "eJDIk01YabJdL40NZG+aXXOFuoU=", - "fingerprint_sha256": "QxlLVvF80Lcr5UizWuk62xZk5AI9HX0JV/W6tmox/j0=", - "hpkp_pin": "sr2tjak7H6QRi8o0fyIXGWdPiU32rDsczcIEAqA+s4g=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", - "value": "BadSSL Untrusted Root Certificate Authority" - } - ], - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "not_valid_after": "2036-07-02T06:31:35", - "not_valid_before": "2016-07-07T06:31:35", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 825153069548157110656480895744663805056235829815559759119430678767205343098765745070469913549114557459135132014295900635324494657959068772060952244866788629644136992601909842985999668766444002794218622944923027847441590460203903121789500589117545917109920328795801185985628705822841279193957844811407089312484231412579483272569414105735377812856603889924854422222593949989133632772144057758782719770004385996261931744121410918816491703067772317619015773705486716206857702033014392848995889107225072950193556471624868883309057959179618472291437424610747430411150523084415214255781584631961310561511166547591336101392197782646989320324375135943250579423537081532715770555928199232760398808221689087930151536007174233258775763444991967788164398999962148130641333161884663352395877671452257849428365864949780957198497910684544506849326439798602961607299702949360445707023149101762941220161328135946724872522667466577070038011334563613732589064053057320535983730142200505866772352995368938396202535883917708337908922029617572780368414030159567912307286116726562101157492724006866285059569682137791508402372048252554857692482228226376330152984437859506226758552055332905937300769920711691996568499817010802549733100469386009384797719666221 - }, - "serial_number": 10926010850294966525, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=San Francisco", - "value": "San Francisco" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=BadSSL", - "value": "BadSSL" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", - "value": "BadSSL Untrusted Root Certificate Authority" - } - ], - "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": null, - "received_chain_has_valid_order": true, - "verified_certificate_chain": null, - "verified_chain_has_legacy_symantec_anchor": null, - "verified_chain_has_sha1_signature": null - } - ], - "hostname_used_for_server_name_indication": "untrusted-root.badssl.com" + "date_scans_completed": "2021-12-22T13:01:41.243173", + "date_scans_started": "2021-12-22T13:00:54.202468", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "untrusted-root.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 0, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": "self signed certificate in certificate chain", + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 - } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 - } - ], - "supports_ecdh_key_exchange": true + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate in certificate chain", + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate in certificate chain", + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate in certificate chain", + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": null, + "was_validation_successful": false + }, + { + "openssl_error_string": "self signed certificate in certificate chain", + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" + }, + "verified_certificate_chain": null, + "was_validation_successful": false + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIEmTCCAoGgAwIBAgIJAMJ1vCpOBAlkMA0GCSqGSIb3DQEBCwUAMIGBMQswCQYD\nVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j\naXNjbzEPMA0GA1UECgwGQmFkU1NMMTQwMgYDVQQDDCtCYWRTU0wgVW50cnVzdGVk\nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTIxMTIwNDAwMDgxOVoXDTIz\nMTIwNDAwMDgxOVowYjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx\nFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDzANBgNVBAoMBkJhZFNTTDEVMBMGA1UE\nAwwMKi5iYWRzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nwgTs+IzuBMKz2FDVcFjMkxjrXKhoSbAitfmVnrErLHY+bMBLYExM6rK0wA+AtrD5\ncsmGAvlcQV0TK39xxEu86ZQuUDemZxxhjPZBQsVG0xaHJ5906wqdEVImIXNshEx5\nVeTRa+gGPUgVUq2zKNuq/27/YJVKd2s58STRMbbdTcDE/FO5bUKttXz+rvUV0jNI\n5yJxx8IUemwo6jdK3+pstXK0flqiFtxpsVdE2woSq97DD0d0XEEi4Zr5G5PmrSIG\nKS6xukkcDCeeo/uL90ByAKySCNmMV4RTgQXL5v5rVJhAJ4XHELtzcO9pGEEHRVV8\n+WQ/PSzDqXzrkxpMhtHKhQIDAQABozIwMDAJBgNVHRMEAjAAMCMGA1UdEQQcMBqC\nDCouYmFkc3NsLmNvbYIKYmFkc3NsLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEADVgB\nIas+fb/Ckdnw5iSYsfRIcfhnTBNgvroorUQe09Psx0tAbjlIYqOCtloNhvCbJYa7\ntQQOO65s7RKArpAA1qoapWfDti2aHuMNvGwImwX538RiLf4Rm4MEF6vuF6MZMH/u\nTs1iugB3+d7oSWl/K+RvA4NMRNrlxOLelBJwaTsExsQ5QalpPamongnyWXHZ2Sna\ndsw9hBku9ZmlRqYOCE/TajsydqCIhCc2QC5xdd3fxXlcfq5h7G0oOuCYvW7BscTk\nAQZYkwS+y3mTHF9wSlxJB4iEGC0NovdM5GsVgfvZ5+jtXGuDlsphAIFLxpIJi1bR\n+NsAkEthHoQZDNttvtVJPFPp83PdRDmL6IwrbbXvAwZWWgYmS6HpbF5bxR09JIOA\nKttGK1wnd6bh2d9Xy6kfoxZ1gz6i2y5OpxbMoi6z8o1Y2hSOv2kgnD2fxtR9X4OO\nwrwWZWnhwsiq7pnZbZiA9GFR4tKZVcJ5ny5aul/MZ0wb5MST7wHW/7qhydfBpOy6\nhZ5BSbwfmBao+CJ7NxNJb5c03W5+/Vf1uxXZhodpag6Z5p0rru0v7ea9nMk5dNUm\nqR+2XGwzDk9n8jCWwfvSKCa77rf2HqKi8ZaQN/NRp7uVqfY++JVI+h3CLyMk8wTL\nFifbLPKbSCW7PAFEfM3wh76VQg1CHpHOPVp/wno=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "NHl/fIcVNzR2aZnuVUBmhJpEzrk=", + "fingerprint_sha256": "AkYkLmjJ3wEps5x7bqlVBshHBgHD+c0ZwxOtcHR61CM=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", + "value": "BadSSL Untrusted Root Certificate Authority" + } + ], + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" + }, + "not_valid_after": "2023-12-04T00:08:19", + "not_valid_before": "2021-12-04T00:08:19", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "serial_number": 14012312705516702052, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=BadSSL,L=San Francisco,ST=California,C=US" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BHOyMG5kQsDopUtS9vlH4ZXx73pPCYxwc2np3FQcp0Mbt2glzkXvLsyS0x4TFW26j4t4Z6n17mu9nrTnTVxN4lE=", - "size": 256, - "type_name": "ECDH", - "x": "c7IwbmRCwOilS1L2+UfhlfHvek8JjHBzaencVBynQxs=", - "y": "t2glzkXvLsyS0x4TFW26j4t4Z6n17mu9nrTnTVxN4lE=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BF83kyG0Tt/fJ3sYffYi3kFWIM2Q0n5RzyWREjJknvPPy1kPmt4BvLVK4WJhxdpTwXJUDCdZniZ106HWHpQguVE=", - "size": 256, - "type_name": "ECDH", - "x": "XzeTIbRO398nexh99iLeQVYgzZDSflHPJZESMmSe888=", - "y": "y1kPmt4BvLVK4WJhxdpTwXJUDCdZniZ106HWHpQguVE=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BErCWmVqVNVClRDS2heKqEDFFi2yH5dreTS0jtR3wM+lAPyxQT8Az2gmlcdx+XZrdgVSFp9QD+F+flsqcP40TNs=", - "size": 256, - "type_name": "ECDH", - "x": "SsJaZWpU1UKVENLaF4qoQMUWLbIfl2t5NLSO1HfAz6U=", - "y": "/LFBPwDPaCaVx3H5dmt2BVIWn1AP4X5+Wypw/jRM2w==" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "k49joPhbl1zeJDfAyn2GmVWNl6i0mzY+c+xomtyWubLgoZuxsw18B1fH5MgseQQFu45Huk3mOpeIUoA4InZ4Bd/+shRaDSuplPX6LHJgYLJF2X5oqIl7mxU/WIu9HKhYdWz9V+il5p9uaT4IzZVV/2thXUlPcDkNYXE0B2pNODKMlNzIVFS9+r8LdWMImXpv6cRuVAz9i+xt9tE+FC68zw8DNYIoY3UIQCsEzJZIwrlbK35K8umOe2cLXYiaFOyl1UsUyfyJFNjzb3LTYdXjYEYw70hcOKfuOG17OVZEleVv7RmFqD62IXwF3cnTKVeCAIn9FUOFDJXjXxaMsp3z0w==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "BwGMHQxbqaP1m85TCW4NCB9/UK2MD5ueRvma1SueTD475BVWB0xQRSX7pmFc80tZ24K4o/8qoh6C6mh+8yu4n8KBXZDcFtmh9j1HH+4s+wYqywXOvcHlcp+P2itoZlOg9r3QYcVtESMY23jCI5qqMDvVB+1sQNZGLSovjA3KLw/id8MNq0N5KJdCyb0AIuF/CMGRUJ2YUIOk5W840GcQN+dMrUqSk/ovmJHu8DdAV0OHXg3SnxxTrCZAelQiRs56yL+3pK06Elqh+fa1Zg59cddId7UpOGuWSdc30WC90FTDjHu7ZhPpRN4f/T0Yxv1944AFcGKf3u8WEvgvaDj7GA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "du1kdmwBfWC/s5xyvrtadV7C6gYcktWGReeqnr4ILVICBlgpoOOcuavO/zjWlCAuoxI/k9a6AsfZD/E/YqTyvmpymt3tOuGV/YggiFkELCN19ZCkK8XyaHBQvHGT6aDjYR8xnFZzUuGFzsfkrDgpH0v135qP+FxZW4q8Na6UhI8du3SRzuLI7hX/WeQTO2a5wKMMllgirg1gm7Wzi6EDaDO0pzGxmhKDgKQNbdolWMShLLwRurQjwplYgnq2MYKRKui8Nj2ModcIuMEjIcHOk/9DQWYnAwHIVe9gnkYNMzDKKLW05uN6bKr6QhPOledQdTcikdq9nuvzpr9svjI9jw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Q25hTZoJka9MDTwGlnUEgULX6XVPEEorCwm4d6tG3CDq7SqOkfp1NZfa+8Z7PqdGrkHWOkvy2FYH4nu/qPzPjh529bMnwJqBaBlA99QvRKeaF/Ee/5AZuvkFqaAQ+NpLV9SfkIEosAPVg5LEfcPO3F+KgY3PdDEwtBrjE0ERbn8iono5SfqmnV10paMa+nhgBt3ejpXOw6y9H3YndfGOAuILtZuestPimbMZ/FkAJb9Bnma1yyED7L3g+1Bk7JLecfd6RqfvCnbvCOYt86l8bh5xHRCW+ZXsEe1TPQEXAOK1qwuJF7xlqNsnpLYM2mtnF8lqZDjGCXuRG1kFcm0iAQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGfjCCBGagAwIBAgIJAJeg/PrX5Sj9MA0GCSqGSIb3DQEBCwUAMIGBMQswCQYD\nVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j\naXNjbzEPMA0GA1UECgwGQmFkU1NMMTQwMgYDVQQDDCtCYWRTU0wgVW50cnVzdGVk\nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTE2MDcwNzA2MzEzNVoXDTM2\nMDcwMjA2MzEzNVowgYExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh\nMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQKDAZCYWRTU0wxNDAyBgNV\nBAMMK0JhZFNTTCBVbnRydXN0ZWQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw\nggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKQtPMhEH073gis/HISWAi\nbOEpCtOsatA3JmeVbaWal8O/5ZO5GAn9dFVsGn0CXAHR6eUKYDAFJLa/3AhjBvWa\ntnQLoXaYlCvBjodjLEaFi8ckcJHrAYG9qZqioRQ16Yr8wUTkbgZf+er/Z55zi1yn\nCnhWth7kekvrwVDGP1rApeLqbhYCSLeZf5W/zsjLlvJni9OrU7U3a9msvz8mcCOX\nfJX9e3VbkD/uonIbK2SvmAGMaOj/1k0dASkZtMws0Bk7m1pTQL+qXDM/h3BQZJa5\nDwTcATaa/Qnk6YHbj/MaS5nzCSmR0Xmvs/3CulQYiZJ3kypns1KdqlGuwkfiCCgD\nyWJy7NE9qdj6xxLdqzne2DCyuPrjFPS0mmYimpykgbPnirEPBF1LW3GJc9yfhVXE\nCc8OY8lWzxazDNNbeSRDpAGbBeGSQXGjAbliFJxwLyGzZ+cG+G8lc+zSvWjQu4Xp\nGJ+dOREhQhl+9U8oyPX34gfKo63muSgo539hGylqgQyzj+SX8OgK1FXXb2LS1gxt\nVIR5Qc4MmiEG2LKwPwfU8Yi+t5TYjGh8gaFv6NnksoX4hU42gP5KvjYggDpR+NSN\nCGQSWHfZASAYDpxjrOo+rk4xnO+sbuuMk7gORsrl+jgRT8F2VqoR9Z3CEdQxcCjR\n5FsfTymZCk3GfIbWKkaeLQIDAQABo4H2MIHzMB0GA1UdDgQWBBRvx4NzSbWnY/91\n3m1u/u37l6MsADCBtgYDVR0jBIGuMIGrgBRvx4NzSbWnY/913m1u/u37l6MsAKGB\nh6SBhDCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV\nBAcMDVNhbiBGcmFuY2lzY28xDzANBgNVBAoMBkJhZFNTTDE0MDIGA1UEAwwrQmFk\nU1NMIFVudHJ1c3RlZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eYIJAJeg/PrX\n5Sj9MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IC\nAQBQU9U8+jTRT6H9AIFm6y50tXTg/ySxRNmeP1Ey9Zf4jUE6yr3Q8xBv9gTFLiY1\nqW2qfkDSmXVdBkl/OU3+xb5QOG5hW7wVolWQyKREV5EvUZXZxoH7LVEMdkCsRJDK\nwYEKnEErFls5WPXY3bOglBOQqAIiuLQ0f77a2HXULDdQTn5SueW/vrA4RJEKuWxU\niD9XPnVZ9tPtky2Du7wcL9qhgTddpS/NgAuLO4PXh2TQ0EMCll5reZ5AEr0NSLDF\nc/koDv/EZqB7VYhcPzr1bhQgbv1dl9NZU0dWKIMkRE/T7vZ97I3aPZqIapC2ulrf\nKrlqjXidwrGFg8xbiGYQHPx3tHPZxoM5WG2voI6G3s1/iD+B4V6lUEvivd3f6tq7\nd1V/3q1sL5DNv7TvaKGsq8g5un0TAkqaewJQ5fXLigF/yYu5a24/GUD783MdAPFv\ngWz8F81evOyRfpf9CAqIswMF+T6Dwv3aw5L9hSniMrblkg+ai0K22JfoBcGOzMtB\nKe/Ps2Za56dTRoY/a4r62hrcGxufXd0mTdPaJLw3sJeHYjLxVAYWQq4QKJQWDgTS\ndAEWyN2WXaBFPx5c8KIW95Eu8ShWE00VVC3oA4emoZ2nrzBXLrUScifY6VaYYkkR\n2O2tSqU8Ri3XRdgpNPDWp8ZL49KhYGYo3R/k98gnMHiY5g==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "eJDIk01YabJdL40NZG+aXXOFuoU=", + "fingerprint_sha256": "QxlLVvF80Lcr5UizWuk62xZk5AI9HX0JV/W6tmox/j0=", + "hpkp_pin": "sr2tjak7H6QRi8o0fyIXGWdPiU32rDsczcIEAqA+s4g=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", + "value": "BadSSL Untrusted Root Certificate Authority" + } + ], + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" }, - "status": "COMPLETED" - }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCUnUQTJYunQuVZyUjfp95NgDkz7InyWCBTmhvIlPNKgbIMrV1jHOFm/P9sL2Ln0ZaJZpBi0adePbVyUnD9VEpg=", - "size": 256, - "type_name": "ECDH", - "x": "JSdRBMli6dC5VnJSN+n3k2AOTPsifJYIFOaG8iU80qA=", - "y": "bIMrV1jHOFm/P9sL2Ln0ZaJZpBi0adePbVyUnD9VEpg=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BNISJHJuf8/E7yntKxnmdRot03b4R5W4stsBtVYYMHQoE44Vvx43wS5S0NqJCMx0V3wejPfaLrv8wGDWTB3GxZI=", - "size": 256, - "type_name": "ECDH", - "x": "0hIkcm5/z8TvKe0rGeZ1Gi3TdvhHlbiy2wG1VhgwdCg=", - "y": "E44Vvx43wS5S0NqJCMx0V3wejPfaLrv8wGDWTB3GxZI=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BOMjNELGFylN284I1bQgffvk1trCqHezDEbYnM1LWIVKkdH3lSjsf+gdK/O6NeFwP8y26uUCbuVcpH/3Lpu66F4=", - "size": 256, - "type_name": "ECDH", - "x": "4yM0QsYXKU3bzgjVtCB9++TW2sKod7MMRticzUtYhUo=", - "y": "kdH3lSjsf+gdK/O6NeFwP8y26uUCbuVcpH/3Lpu66F4=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "ZGQYxOlRIToexvDmKkKM11UGgnhn5WIcGSAFwwObCm+2VSe4n86qwSGClqlH4Z8v5UiVU0js4JwapU3XVmgFJHtoplaKQK6aNHbWeS7eDgxJ3p0yt45jAao9HAIy2EqXqpl8jZc3a8z45Q7mcQW6PPDfcSFszPeHQiUv1AdBoYBQIn361R2PhDJXfcwUtpzE/wyqocGKJfPYvGy0TkspRc7LqnkkkLTMyeFv0LHMu03In0P8DVKxXMdm7WtMUK4uNdddekeaka8vb8BjJc9DdLwEb0Zfek14qTJd3l076gYJCYlDW+WYisEkRWHBEzomJIm2SGtfz8vzhXCEqf+m3w==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "V+1I1kEPtGP/NL6TUdlUvfJ2NuBK8GOdsc9TgNIlD5pH3uYXgU/+ZTOdgoueUJVGrA1nLsPjbxgbLfP6ZoeP4jYOdGypAPuTc2cYyZ+Jinh8DnGlpyHgQb2rLdZzwrcTuSGWMQlW3/SdCVPWiDp7VCDtv7YYOT44z2PljxRyz9Ur2TXB7Qv1i98otPnYXadrfFgFJHSlEVBab7+HebBHzMeDliHG/vUrFXm2RD0Lgix7QZNF7W6tCktqs8c9HkuWnKxSTrLPWKVx28xHW80vbHOpodBls7oDr+1DT4qPODSysUFuN46JEPRVbfkdjEF/Yi55OoYjUT5QrQ+pBp8qiQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "DR+z+bEJ8KlvTFEk17ahzrapw/Zgo7/fkesL9Dj+yn24t5a0ZLRulsj7QGXqlj9rLBrAVcho2X2KQpCxL0aJISOI7o+V19R6vgWIsr1WSZll2SKsyC2tr4gjKxbqOL4wgPb8KRA/qt2t8BvHafaz0Aa3EV8lnyy43IpQqc10A1P5Qrg1yDWBiVWhENWePd40HCppKK6Vt3Zh6bhmhXvDPQsQmP3h0alrYRYLDtsHP99EPVOQdFBT+pWmuc0ph5V0Y0f3kasFoGt26fbT6EJms14HTsxsIUcluoiWXsMNO7mOwRj3ts4WDc4EZJ/CLM1JGUfAeAGjmSMST5HW9j5xpg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "ddu/S8eIWJDij8uAOkzbZuDhab6RrVc/Q8CCjgPZECV/HAAaHESduhjN+RwSMg6lG27Yhwx806SfKdQD8B8bGdHlcNanUkkTy49JGrEqKIMs3gQ8WXZbVAghN/2gTLuG7AQS3ZXXwNVpuVmrQ3YLBL5fdCwwcvhqxoJ9L9ATEf/TH8l6JOxpe47aG6dVZibp6JzVQoyqC6TNYk8SMJZJSrq0RevAh6iW752tfV1gdfYZHTzHolctgMEhgwCbrVsqkp/RHuoo3UWegnqqRVVisAJIpSBthM9YYvsY3F8VKm6tjq+8rZ0Ub5mirpjS3dhBywHSF/VaEqJRi4+niMQBaA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" + "not_valid_after": "2036-07-02T06:31:35", + "not_valid_before": "2016-07-07T06:31:35", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 825153069548157110656480895744663805056235829815559759119430678767205343098765745070469913549114557459135132014295900635324494657959068772060952244866788629644136992601909842985999668766444002794218622944923027847441590460203903121789500589117545917109920328795801185985628705822841279193957844811407089312484231412579483272569414105735377812856603889924854422222593949989133632772144057758782719770004385996261931744121410918816491703067772317619015773705486716206857702033014392848995889107225072950193556471624868883309057959179618472291437424610747430411150523084415214255781584631961310561511166547591336101392197782646989320324375135943250579423537081532715770555928199232760398808221689087930151536007174233258775763444991967788164398999962148130641333161884663352395877671452257849428365864949780957198497910684544506849326439798602961607299702949360445707023149101762941220161328135946724872522667466577070038011334563613732589064053057320535983730142200505866772352995368938396202535883917708337908922029617572780368414030159567912307286116726562101157492724006866285059569682137791508402372048252554857692482228226376330152984437859506226758552055332905937300769920711691996568499817010802549733100469386009384797719666221 }, - "status": "COMPLETED" - }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BNjLv/PQqyEy8opvYOJOUnPCOjMJe2/U3cdnMtT4+gjjuQVIJOT6b/g3y7R4SxO5l6N/8qhBI1DICwwLNdYMhoM=", - "size": 256, - "type_name": "ECDH", - "x": "2Mu/89CrITLyim9g4k5Sc8I6Mwl7b9Tdx2cy1Pj6COM=", - "y": "uQVIJOT6b/g3y7R4SxO5l6N/8qhBI1DICwwLNdYMhoM=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMlBmxqvjB2k9gyeqBzCJ3JINP58sRtDtLFXLuITijf05f0pIeHp9HSNsBrIHJ79sQTISRvun7hmzjWkzywIBUU=", - "size": 256, - "type_name": "ECDH", - "x": "yUGbGq+MHaT2DJ6oHMInckg0/nyxG0O0sVcu4hOKN/Q=", - "y": "5f0pIeHp9HSNsBrIHJ79sQTISRvun7hmzjWkzywIBUU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BFAVl1bwWe/ZdL+a3bvfg0W36KvFBuPHTljYpKcyXjtZBss9EufvZB4whSn7Fr7OGe5T6ctxq6QNEDxjSWKfGGA=", - "size": 256, - "type_name": "ECDH", - "x": "UBWXVvBZ79l0v5rdu9+DRbfoq8UG48dOWNikpzJeO1k=", - "y": "Bss9EufvZB4whSn7Fr7OGe5T6ctxq6QNEDxjSWKfGGA=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMWuCbYnNtNyGu9xn1U/gyy6DRxEb0V7Yep8+ZSthboR6psBjwxLjuhkFytYKfLPlpMPMMthEF9+aAUSKOpGLB0=", - "size": 256, - "type_name": "ECDH", - "x": "xa4Jtic203Ia73GfVT+DLLoNHERvRXth6nz5lK2FuhE=", - "y": "6psBjwxLjuhkFytYKfLPlpMPMMthEF9+aAUSKOpGLB0=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BObmxwxgiwXEdUwcbNa6Y8pj7H0UKsPX2Kq893ktBNjSILv4ZOI25HkK8l0/kSYKBVazs0Sp7e371Wju6iV2abU=", - "size": 256, - "type_name": "ECDH", - "x": "5ubHDGCLBcR1TBxs1rpjymPsfRQqw9fYqrz3eS0E2NI=", - "y": "ILv4ZOI25HkK8l0/kSYKBVazs0Sp7e371Wju6iV2abU=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCg7k940dNv0uiX5zuTtcxykMoWgVsBrM10RfC9GW0vwpzgbz1d+Wn1LE+wjptOM32iLo6QKj7BducSrS59+kNA=", - "size": 256, - "type_name": "ECDH", - "x": "KDuT3jR02/S6JfnO5O1zHKQyhaBWwGszXRF8L0ZbS/A=", - "y": "pzgbz1d+Wn1LE+wjptOM32iLo6QKj7BducSrS59+kNA=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BNnkmGlMS7aikR7D0N7gPatfjw+YfUA/nWU8ZndkZJFg/q2m3zldM8tTWzEwnQbYLOQanrp0nWw7vWzI+BUS/Ak=", - "size": 256, - "type_name": "ECDH", - "x": "2eSYaUxLtqKRHsPQ3uA9q1+PD5h9QD+dZTxmd2RkkWA=", - "y": "/q2m3zldM8tTWzEwnQbYLOQanrp0nWw7vWzI+BUS/Ak=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "MktVUdzXupnsdny8rWd/RdncPhN4yQMQqXrfLMdLm9wKgqDUu9KKxgiCBqnErZMzw/90g0xOHF7+qhJ+V2gf0GxETUnAw+YAn1dwWF2ivh6u+M5t50e38lhk0myLZDZvWjCp24wD5aJtYQQS8U+vYJTiP/V+c7Dutx2YhxB+MQ7Qlwin122gz9TGNfRe4xasABTKf9yRdk7RTkbC5UhnJnrFOgk7zdC7ws65HsLhTzj7RfV01mqAlXG4YB5oEUeUHvqX8Z8Se9bfdHsfhokqx+XzzC4FayYFVt7gvxUOdgc1XJxsBiKkiaK4ImXnse4BO25e+R/KUXY6bJS46PYQ+w==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "fIHHfOJ6GgPalAgqW0dzdgo8b90TfYJbrYsfLZoaBBEtl8KEpJG86mPmlP3iBynuAXwOki4PQvXujhK3pe/HFRlH6GdFuocKnwkvCEPzDEc/E8AeUrPamdLWZo/5AMwCAOwcj8K6I0/u60R1OG8exVJOMoChapbJm+eadkxarZ8eo4IF6BnNd3IkcWEB2oosxuV7S458KC0+OWoO0Wwwgn+PW0ywgTxY/WtpnBLTXoIbqLWowCy/bBvpkBT+bWCpkp0ythRLpSQ4xxp/8iT5TYN8lW4hOUVU659GOU2ZGfq8UfmzJwX36qqEcBptCXBOcu4Z/OKEpYi0KfOIQLXOJA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "r5RZgQlPbbN3k2MOURyl+KyDJMv4Ez22vv2OyHh3qPmNWBz1s9LNSeCiRz3DgEZ5pfy3114ARbByOmVIHpAdoE4SSCJQm7pE9VkvOgZ/ZyZZGEHSeMoxuhakssGUKzLosNDLBg6D1xE+pgeEXbOu7I5T90eJeHM+nzd2bYWHnhZTpFhiI1/1P8b0/Pcgg5+4SyRlm5IG7XKl/2e8UYcbvVkhlZ8/U1W9MjgXepr9DAV0e3ScjQmBMTP2kRx3NZApeTLjGecjeva8KBesk8fKchjK8aOx0nfNAqzm+OLMLaNQ0VOTZG0zaP36Tkp9KDatQkkkZzo7sDswn1aQSpbZqg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "tMj4Ghk5UhZ7EJBG1owSdpd3ZZMF35jqBvW4b4j/0j9P0Nv2y4thCSC8jR0wa4w6BqbDMgspy4WdOnB65RAoj1tptH4UxV9QMxBRgIJ4c+HlbiYmL+rk+LNeKz7viXwzDVFI4Jv/kMB1bGL6zDPFuGuoil4+clZF04XqVymKEZMoFzb5O2EsPHeyImAfkASLIhL2RkTymHUe7YZKoP7YJ8l4m+nQS8WneeY42g/siUaYpevZQF4m8QEKKl1AMityVCgsueu9uCyBdIOH859slkmyDMDTGL/yPRkr9am4bgGtYfNue0DDFtZHwgO5LP6OhP7pOJOMcQbaHWQC+8ljNw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "hOLDadoX3JWHMUboI9sjxbVPuHpMKYegOy6HSCZ3TksHk7mZNCCgkStpuMPnx7Vm/0Z89bSvWVQ//UrxkO8YPKaLPmf9a+f4vwhrsLUVRIGlLn4Niy9zXANrcRBj+WYfX2mcixN9ucmEujRkYvR8B0dKmhIDjxM+prK3z+8e0suhafpFMpTXVw638l4Bnin/v01RwGFUiwL0GfE6cU/Y6s/+TRfPoaRZl821Adl/KwBXzqD/ZL4U6ay3/XuWwDfQ7YMdDjySNBZGkPahh9+lWZFqy6xnQIqHrOFlPqg/v988ZOO10gtsaCpFmq95XMtEQty6r+lJK+uWUIMG6pAY9Q==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "XscGJFmoQdZ6PheAxGLuvNpXl5B7DKwTweFLkDroy0/6NQ+WF/1NtJI9V4EmhTLuMTMKD0Py202hIbtdAQOYAKwacjxBH96k7AAvZXqKMLJAUPdQSkGJoZn3IFm4UO6zhb/4ADmoej/Nxju3u72Tp+Py+BDTQ+LFYoElTPOvdP76+LHlU/rLHODqAt3P9tqcpnFrGT4xKPnT980pX00RcaD+/mLCIVDSCxjSY+Zbr3EfxVNzL9CGaEVROBkcxC1Exl7kEdIHY3uf9CDhCi8Nx3nvV1yloUz6OE1cTXl+zmgH5WiAAbP/YQx6d9mL7Gg/5wYVVUHHEj69wt+EWfLiXQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "eIejQwAsJeWXH7jjKaMJ4ibBahOtOm8DPSnK0+tYn+L6AxKi6NhpauLYK1fovMsD9OfLevItCRex6eWbhODQNqsDQEEiK5/eLsvEaEdfiB5P9FHMZVoH9By5eEFIIuws02y3QSNXZX/kvZadEi8Iv2BeGzqWM/KgZOg46CuXfTriGm3ujOghyREJ01rRYX+xwjQV+WJWqSbW4ZCsrVxgz4nZR7i/nFm0V4gKAxfVxtuKAGVRlRzHfBKEjExAzQerOvu0Qa9gYmWLWQMW3PSuNBYsE/NyWzruGys/UcfyqmNzQ2SohWP99JYlrKGOnV1pWivzyFA99UJ3ohF6mlfDNA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Ail0GVXRT902BS6QIdshF5HKjkoafXXNpin2VtekTxKHVTV1FZlFFwTZgnliG4pbPi/zkZ7lZEa2zqxnSIjrJSHXpKCqXx4dVPm36TtkZqUykrXKommv7n3DHrJwNFp7/GSMvV1G03ZoulSwn6JFnIXEVds27p2D1Kw/1TZwhtJTOacMzOkRk14caeo5rXtoWR6U1shf4A23nlYsm1vOA4z0UPkfQqAgbQslIMDTGNgsnuKSTo1ie0YXAnrK3YhkRFmkIkno4KxznOJxr6ZfafBOy0Rzwl4Vpf58/JES7A6UFj5SLMNB0dDSPFtQoCMLj7h55QpeIxTC3jfl/q7lHQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" + "serial_number": 10926010850294966525, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=San Francisco", + "value": "San Francisco" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=BadSSL", + "value": "BadSSL" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority", + "value": "BadSSL Untrusted Root Certificate Authority" + } + ], + "rfc4514_string": "CN=BadSSL Untrusted Root Certificate Authority,O=BadSSL,L=San Francisco,ST=California,C=US" }, - "status": "COMPLETED" + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": null, + "received_chain_has_valid_order": true, + "verified_certificate_chain": null, + "verified_chain_has_legacy_symantec_anchor": null, + "verified_chain_has_sha1_signature": null + } + ], + "hostname_used_for_server_name_indication": "untrusted-root.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BHOyMG5kQsDopUtS9vlH4ZXx73pPCYxwc2np3FQcp0Mbt2glzkXvLsyS0x4TFW26j4t4Z6n17mu9nrTnTVxN4lE=", + "size": 256, + "type_name": "ECDH", + "x": "c7IwbmRCwOilS1L2+UfhlfHvek8JjHBzaencVBynQxs=", + "y": "t2glzkXvLsyS0x4TFW26j4t4Z6n17mu9nrTnTVxN4lE=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BF83kyG0Tt/fJ3sYffYi3kFWIM2Q0n5RzyWREjJknvPPy1kPmt4BvLVK4WJhxdpTwXJUDCdZniZ106HWHpQguVE=", + "size": 256, + "type_name": "ECDH", + "x": "XzeTIbRO398nexh99iLeQVYgzZDSflHPJZESMmSe888=", + "y": "y1kPmt4BvLVK4WJhxdpTwXJUDCdZniZ106HWHpQguVE=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BErCWmVqVNVClRDS2heKqEDFFi2yH5dreTS0jtR3wM+lAPyxQT8Az2gmlcdx+XZrdgVSFp9QD+F+flsqcP40TNs=", + "size": 256, + "type_name": "ECDH", + "x": "SsJaZWpU1UKVENLaF4qoQMUWLbIfl2t5NLSO1HfAz6U=", + "y": "/LFBPwDPaCaVx3H5dmt2BVIWn1AP4X5+Wypw/jRM2w==" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "k49joPhbl1zeJDfAyn2GmVWNl6i0mzY+c+xomtyWubLgoZuxsw18B1fH5MgseQQFu45Huk3mOpeIUoA4InZ4Bd/+shRaDSuplPX6LHJgYLJF2X5oqIl7mxU/WIu9HKhYdWz9V+il5p9uaT4IzZVV/2thXUlPcDkNYXE0B2pNODKMlNzIVFS9+r8LdWMImXpv6cRuVAz9i+xt9tE+FC68zw8DNYIoY3UIQCsEzJZIwrlbK35K8umOe2cLXYiaFOyl1UsUyfyJFNjzb3LTYdXjYEYw70hcOKfuOG17OVZEleVv7RmFqD62IXwF3cnTKVeCAIn9FUOFDJXjXxaMsp3z0w==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "BwGMHQxbqaP1m85TCW4NCB9/UK2MD5ueRvma1SueTD475BVWB0xQRSX7pmFc80tZ24K4o/8qoh6C6mh+8yu4n8KBXZDcFtmh9j1HH+4s+wYqywXOvcHlcp+P2itoZlOg9r3QYcVtESMY23jCI5qqMDvVB+1sQNZGLSovjA3KLw/id8MNq0N5KJdCyb0AIuF/CMGRUJ2YUIOk5W840GcQN+dMrUqSk/ovmJHu8DdAV0OHXg3SnxxTrCZAelQiRs56yL+3pK06Elqh+fa1Zg59cddId7UpOGuWSdc30WC90FTDjHu7ZhPpRN4f/T0Yxv1944AFcGKf3u8WEvgvaDj7GA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "du1kdmwBfWC/s5xyvrtadV7C6gYcktWGReeqnr4ILVICBlgpoOOcuavO/zjWlCAuoxI/k9a6AsfZD/E/YqTyvmpymt3tOuGV/YggiFkELCN19ZCkK8XyaHBQvHGT6aDjYR8xnFZzUuGFzsfkrDgpH0v135qP+FxZW4q8Na6UhI8du3SRzuLI7hX/WeQTO2a5wKMMllgirg1gm7Wzi6EDaDO0pzGxmhKDgKQNbdolWMShLLwRurQjwplYgnq2MYKRKui8Nj2ModcIuMEjIcHOk/9DQWYnAwHIVe9gnkYNMzDKKLW05uN6bKr6QhPOledQdTcikdq9nuvzpr9svjI9jw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Q25hTZoJka9MDTwGlnUEgULX6XVPEEorCwm4d6tG3CDq7SqOkfp1NZfa+8Z7PqdGrkHWOkvy2FYH4nu/qPzPjh529bMnwJqBaBlA99QvRKeaF/Ee/5AZuvkFqaAQ+NpLV9SfkIEosAPVg5LEfcPO3F+KgY3PdDEwtBrjE0ERbn8iono5SfqmnV10paMa+nhgBt3ejpXOw6y9H3YndfGOAuILtZuestPimbMZ/FkAJb9Bnma1yyED7L3g+1Bk7JLecfd6RqfvCnbvCOYt86l8bh5xHRCW+ZXsEe1TPQEXAOK1qwuJF7xlqNsnpLYM2mtnF8lqZDjGCXuRG1kFcm0iAQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCUnUQTJYunQuVZyUjfp95NgDkz7InyWCBTmhvIlPNKgbIMrV1jHOFm/P9sL2Ln0ZaJZpBi0adePbVyUnD9VEpg=", + "size": 256, + "type_name": "ECDH", + "x": "JSdRBMli6dC5VnJSN+n3k2AOTPsifJYIFOaG8iU80qA=", + "y": "bIMrV1jHOFm/P9sL2Ln0ZaJZpBi0adePbVyUnD9VEpg=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BNISJHJuf8/E7yntKxnmdRot03b4R5W4stsBtVYYMHQoE44Vvx43wS5S0NqJCMx0V3wejPfaLrv8wGDWTB3GxZI=", + "size": 256, + "type_name": "ECDH", + "x": "0hIkcm5/z8TvKe0rGeZ1Gi3TdvhHlbiy2wG1VhgwdCg=", + "y": "E44Vvx43wS5S0NqJCMx0V3wejPfaLrv8wGDWTB3GxZI=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BOMjNELGFylN284I1bQgffvk1trCqHezDEbYnM1LWIVKkdH3lSjsf+gdK/O6NeFwP8y26uUCbuVcpH/3Lpu66F4=", + "size": 256, + "type_name": "ECDH", + "x": "4yM0QsYXKU3bzgjVtCB9++TW2sKod7MMRticzUtYhUo=", + "y": "kdH3lSjsf+gdK/O6NeFwP8y26uUCbuVcpH/3Lpu66F4=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "ZGQYxOlRIToexvDmKkKM11UGgnhn5WIcGSAFwwObCm+2VSe4n86qwSGClqlH4Z8v5UiVU0js4JwapU3XVmgFJHtoplaKQK6aNHbWeS7eDgxJ3p0yt45jAao9HAIy2EqXqpl8jZc3a8z45Q7mcQW6PPDfcSFszPeHQiUv1AdBoYBQIn361R2PhDJXfcwUtpzE/wyqocGKJfPYvGy0TkspRc7LqnkkkLTMyeFv0LHMu03In0P8DVKxXMdm7WtMUK4uNdddekeaka8vb8BjJc9DdLwEb0Zfek14qTJd3l076gYJCYlDW+WYisEkRWHBEzomJIm2SGtfz8vzhXCEqf+m3w==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "V+1I1kEPtGP/NL6TUdlUvfJ2NuBK8GOdsc9TgNIlD5pH3uYXgU/+ZTOdgoueUJVGrA1nLsPjbxgbLfP6ZoeP4jYOdGypAPuTc2cYyZ+Jinh8DnGlpyHgQb2rLdZzwrcTuSGWMQlW3/SdCVPWiDp7VCDtv7YYOT44z2PljxRyz9Ur2TXB7Qv1i98otPnYXadrfFgFJHSlEVBab7+HebBHzMeDliHG/vUrFXm2RD0Lgix7QZNF7W6tCktqs8c9HkuWnKxSTrLPWKVx28xHW80vbHOpodBls7oDr+1DT4qPODSysUFuN46JEPRVbfkdjEF/Yi55OoYjUT5QrQ+pBp8qiQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "DR+z+bEJ8KlvTFEk17ahzrapw/Zgo7/fkesL9Dj+yn24t5a0ZLRulsj7QGXqlj9rLBrAVcho2X2KQpCxL0aJISOI7o+V19R6vgWIsr1WSZll2SKsyC2tr4gjKxbqOL4wgPb8KRA/qt2t8BvHafaz0Aa3EV8lnyy43IpQqc10A1P5Qrg1yDWBiVWhENWePd40HCppKK6Vt3Zh6bhmhXvDPQsQmP3h0alrYRYLDtsHP99EPVOQdFBT+pWmuc0ph5V0Y0f3kasFoGt26fbT6EJms14HTsxsIUcluoiWXsMNO7mOwRj3ts4WDc4EZJ/CLM1JGUfAeAGjmSMST5HW9j5xpg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "untrusted-root.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "785eac7a-067d-4958-a652-8b98f1d9549e" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "ddu/S8eIWJDij8uAOkzbZuDhab6RrVc/Q8CCjgPZECV/HAAaHESduhjN+RwSMg6lG27Yhwx806SfKdQD8B8bGdHlcNanUkkTy49JGrEqKIMs3gQ8WXZbVAghN/2gTLuG7AQS3ZXXwNVpuVmrQ3YLBL5fdCwwcvhqxoJ9L9ATEf/TH8l6JOxpe47aG6dVZibp6JzVQoyqC6TNYk8SMJZJSrq0RevAh6iW752tfV1gdfYZHTzHolctgMEhgwCbrVsqkp/RHuoo3UWegnqqRVVisAJIpSBthM9YYvsY3F8VKm6tjq+8rZ0Ub5mirpjS3dhBywHSF/VaEqJRi4+niMQBaA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BNjLv/PQqyEy8opvYOJOUnPCOjMJe2/U3cdnMtT4+gjjuQVIJOT6b/g3y7R4SxO5l6N/8qhBI1DICwwLNdYMhoM=", + "size": 256, + "type_name": "ECDH", + "x": "2Mu/89CrITLyim9g4k5Sc8I6Mwl7b9Tdx2cy1Pj6COM=", + "y": "uQVIJOT6b/g3y7R4SxO5l6N/8qhBI1DICwwLNdYMhoM=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMlBmxqvjB2k9gyeqBzCJ3JINP58sRtDtLFXLuITijf05f0pIeHp9HSNsBrIHJ79sQTISRvun7hmzjWkzywIBUU=", + "size": 256, + "type_name": "ECDH", + "x": "yUGbGq+MHaT2DJ6oHMInckg0/nyxG0O0sVcu4hOKN/Q=", + "y": "5f0pIeHp9HSNsBrIHJ79sQTISRvun7hmzjWkzywIBUU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BFAVl1bwWe/ZdL+a3bvfg0W36KvFBuPHTljYpKcyXjtZBss9EufvZB4whSn7Fr7OGe5T6ctxq6QNEDxjSWKfGGA=", + "size": 256, + "type_name": "ECDH", + "x": "UBWXVvBZ79l0v5rdu9+DRbfoq8UG48dOWNikpzJeO1k=", + "y": "Bss9EufvZB4whSn7Fr7OGe5T6ctxq6QNEDxjSWKfGGA=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMWuCbYnNtNyGu9xn1U/gyy6DRxEb0V7Yep8+ZSthboR6psBjwxLjuhkFytYKfLPlpMPMMthEF9+aAUSKOpGLB0=", + "size": 256, + "type_name": "ECDH", + "x": "xa4Jtic203Ia73GfVT+DLLoNHERvRXth6nz5lK2FuhE=", + "y": "6psBjwxLjuhkFytYKfLPlpMPMMthEF9+aAUSKOpGLB0=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BObmxwxgiwXEdUwcbNa6Y8pj7H0UKsPX2Kq893ktBNjSILv4ZOI25HkK8l0/kSYKBVazs0Sp7e371Wju6iV2abU=", + "size": 256, + "type_name": "ECDH", + "x": "5ubHDGCLBcR1TBxs1rpjymPsfRQqw9fYqrz3eS0E2NI=", + "y": "ILv4ZOI25HkK8l0/kSYKBVazs0Sp7e371Wju6iV2abU=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCg7k940dNv0uiX5zuTtcxykMoWgVsBrM10RfC9GW0vwpzgbz1d+Wn1LE+wjptOM32iLo6QKj7BducSrS59+kNA=", + "size": 256, + "type_name": "ECDH", + "x": "KDuT3jR02/S6JfnO5O1zHKQyhaBWwGszXRF8L0ZbS/A=", + "y": "pzgbz1d+Wn1LE+wjptOM32iLo6QKj7BducSrS59+kNA=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BNnkmGlMS7aikR7D0N7gPatfjw+YfUA/nWU8ZndkZJFg/q2m3zldM8tTWzEwnQbYLOQanrp0nWw7vWzI+BUS/Ak=", + "size": 256, + "type_name": "ECDH", + "x": "2eSYaUxLtqKRHsPQ3uA9q1+PD5h9QD+dZTxmd2RkkWA=", + "y": "/q2m3zldM8tTWzEwnQbYLOQanrp0nWw7vWzI+BUS/Ak=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "MktVUdzXupnsdny8rWd/RdncPhN4yQMQqXrfLMdLm9wKgqDUu9KKxgiCBqnErZMzw/90g0xOHF7+qhJ+V2gf0GxETUnAw+YAn1dwWF2ivh6u+M5t50e38lhk0myLZDZvWjCp24wD5aJtYQQS8U+vYJTiP/V+c7Dutx2YhxB+MQ7Qlwin122gz9TGNfRe4xasABTKf9yRdk7RTkbC5UhnJnrFOgk7zdC7ws65HsLhTzj7RfV01mqAlXG4YB5oEUeUHvqX8Z8Se9bfdHsfhokqx+XzzC4FayYFVt7gvxUOdgc1XJxsBiKkiaK4ImXnse4BO25e+R/KUXY6bJS46PYQ+w==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "fIHHfOJ6GgPalAgqW0dzdgo8b90TfYJbrYsfLZoaBBEtl8KEpJG86mPmlP3iBynuAXwOki4PQvXujhK3pe/HFRlH6GdFuocKnwkvCEPzDEc/E8AeUrPamdLWZo/5AMwCAOwcj8K6I0/u60R1OG8exVJOMoChapbJm+eadkxarZ8eo4IF6BnNd3IkcWEB2oosxuV7S458KC0+OWoO0Wwwgn+PW0ywgTxY/WtpnBLTXoIbqLWowCy/bBvpkBT+bWCpkp0ythRLpSQ4xxp/8iT5TYN8lW4hOUVU659GOU2ZGfq8UfmzJwX36qqEcBptCXBOcu4Z/OKEpYi0KfOIQLXOJA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "r5RZgQlPbbN3k2MOURyl+KyDJMv4Ez22vv2OyHh3qPmNWBz1s9LNSeCiRz3DgEZ5pfy3114ARbByOmVIHpAdoE4SSCJQm7pE9VkvOgZ/ZyZZGEHSeMoxuhakssGUKzLosNDLBg6D1xE+pgeEXbOu7I5T90eJeHM+nzd2bYWHnhZTpFhiI1/1P8b0/Pcgg5+4SyRlm5IG7XKl/2e8UYcbvVkhlZ8/U1W9MjgXepr9DAV0e3ScjQmBMTP2kRx3NZApeTLjGecjeva8KBesk8fKchjK8aOx0nfNAqzm+OLMLaNQ0VOTZG0zaP36Tkp9KDatQkkkZzo7sDswn1aQSpbZqg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "tMj4Ghk5UhZ7EJBG1owSdpd3ZZMF35jqBvW4b4j/0j9P0Nv2y4thCSC8jR0wa4w6BqbDMgspy4WdOnB65RAoj1tptH4UxV9QMxBRgIJ4c+HlbiYmL+rk+LNeKz7viXwzDVFI4Jv/kMB1bGL6zDPFuGuoil4+clZF04XqVymKEZMoFzb5O2EsPHeyImAfkASLIhL2RkTymHUe7YZKoP7YJ8l4m+nQS8WneeY42g/siUaYpevZQF4m8QEKKl1AMityVCgsueu9uCyBdIOH859slkmyDMDTGL/yPRkr9am4bgGtYfNue0DDFtZHwgO5LP6OhP7pOJOMcQbaHWQC+8ljNw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "hOLDadoX3JWHMUboI9sjxbVPuHpMKYegOy6HSCZ3TksHk7mZNCCgkStpuMPnx7Vm/0Z89bSvWVQ//UrxkO8YPKaLPmf9a+f4vwhrsLUVRIGlLn4Niy9zXANrcRBj+WYfX2mcixN9ucmEujRkYvR8B0dKmhIDjxM+prK3z+8e0suhafpFMpTXVw638l4Bnin/v01RwGFUiwL0GfE6cU/Y6s/+TRfPoaRZl821Adl/KwBXzqD/ZL4U6ay3/XuWwDfQ7YMdDjySNBZGkPahh9+lWZFqy6xnQIqHrOFlPqg/v988ZOO10gtsaCpFmq95XMtEQty6r+lJK+uWUIMG6pAY9Q==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "XscGJFmoQdZ6PheAxGLuvNpXl5B7DKwTweFLkDroy0/6NQ+WF/1NtJI9V4EmhTLuMTMKD0Py202hIbtdAQOYAKwacjxBH96k7AAvZXqKMLJAUPdQSkGJoZn3IFm4UO6zhb/4ADmoej/Nxju3u72Tp+Py+BDTQ+LFYoElTPOvdP76+LHlU/rLHODqAt3P9tqcpnFrGT4xKPnT980pX00RcaD+/mLCIVDSCxjSY+Zbr3EfxVNzL9CGaEVROBkcxC1Exl7kEdIHY3uf9CDhCi8Nx3nvV1yloUz6OE1cTXl+zmgH5WiAAbP/YQx6d9mL7Gg/5wYVVUHHEj69wt+EWfLiXQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "eIejQwAsJeWXH7jjKaMJ4ibBahOtOm8DPSnK0+tYn+L6AxKi6NhpauLYK1fovMsD9OfLevItCRex6eWbhODQNqsDQEEiK5/eLsvEaEdfiB5P9FHMZVoH9By5eEFIIuws02y3QSNXZX/kvZadEi8Iv2BeGzqWM/KgZOg46CuXfTriGm3ujOghyREJ01rRYX+xwjQV+WJWqSbW4ZCsrVxgz4nZR7i/nFm0V4gKAxfVxtuKAGVRlRzHfBKEjExAzQerOvu0Qa9gYmWLWQMW3PSuNBYsE/NyWzruGys/UcfyqmNzQ2SohWP99JYlrKGOnV1pWivzyFA99UJ3ohF6mlfDNA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Ail0GVXRT902BS6QIdshF5HKjkoafXXNpin2VtekTxKHVTV1FZlFFwTZgnliG4pbPi/zkZ7lZEa2zqxnSIjrJSHXpKCqXx4dVPm36TtkZqUykrXKommv7n3DHrJwNFp7/GSMvV1G03ZoulSwn6JFnIXEVds27p2D1Kw/1TZwhtJTOacMzOkRk14caeo5rXtoWR6U1shf4A23nlYsm1vOA4z0UPkfQqAgbQslIMDTGNgsnuKSTo1ie0YXAnrK3YhkRFmkIkno4KxznOJxr6ZfafBOy0Rzwl4Vpf58/JES7A6UFj5SLMNB0dDSPFtQoCMLj7h55QpeIxTC3jfl/q7lHQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "untrusted-root.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "785eac7a-067d-4958-a652-8b98f1d9549e" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/wrong.host.badssl.com.json b/scanners/sslyze/parser/__testFiles__/wrong.host.badssl.com.json index ca8291cd50..8b3b93150b 100644 --- a/scanners/sslyze/parser/__testFiles__/wrong.host.badssl.com.json +++ b/scanners/sslyze/parser/__testFiles__/wrong.host.badssl.com.json @@ -1,6524 +1,6503 @@ { - "date_scans_completed": "2021-12-22T13:06:29.937314", - "date_scans_started": "2021-12-22T13:05:41.588475", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_2", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "wrong.host.badssl.com", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 3, - "leaf_certificate_subject_matches_hostname": false, - "ocsp_response": null, - "ocsp_response_is_trusted": null, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", - "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", - "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2022-05-17T12:00:00", - "not_valid_before": "2020-03-23T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 - }, - "serial_number": 14540638993096550868240433790861531645, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.8", - "name": "stateOrProvinceName" - }, - "rfc4514_string": "ST=California", - "value": "California" - }, - { - "oid": { - "dotted_string": "2.5.4.7", - "name": "localityName" - }, - "rfc4514_string": "L=Walnut Creek", - "value": "Walnut Creek" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Lucas Garron Torres", - "value": "Lucas Garron Torres" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=*.badssl.com", - "value": "*.badssl.com" - } - ], - "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" - }, - "subject_alternative_name": { - "dns": [ - "*.badssl.com", - "badssl.com" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", - "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", - "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2023-03-08T12:00:00", - "not_valid_before": "2013-03-08T12:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 - }, - "serial_number": 2646203786665923649276728595390119057, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", - "value": "DigiCert SHA2 Secure Server CA" - } - ], - "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", - "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", - "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "not_valid_after": "2031-11-10T00:00:00", - "not_valid_before": "2006-11-10T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 - }, - "serial_number": 10944719598952040374951832963794454346, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.5", - "name": "sha1WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 20, - "name": "sha1" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=DigiCert Inc", - "value": "DigiCert Inc" - }, - { - "oid": { - "dotted_string": "2.5.4.11", - "name": "organizationalUnitName" - }, - "rfc4514_string": "OU=www.digicert.com", - "value": "www.digicert.com" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DigiCert Global Root CA", - "value": "DigiCert Global Root CA" - } - ], - "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false + "date_scans_completed": "2021-12-22T13:06:29.937314", + "date_scans_started": "2021-12-22T13:05:41.588475", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "ECDHE-RSA-AES128-GCM-SHA256", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_2", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "wrong.host.badssl.com", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 3, + "leaf_certificate_subject_matches_hostname": false, + "ocsp_response": null, + "ocsp_response_is_trusted": null, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "hostname_used_for_server_name_indication": "wrong.host.badssl.com" + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" } - ], - "supported_curves": [ - { - "name": "prime256v1", - "openssl_nid": 415 + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" } - ], - "supports_ecdh_key_exchange": true + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server rejected the connection" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server rejected the connection" - } - ], - "tls_version_used": "SSL_2_0" + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLbNGNYaA0RiGx+/ok6eIiojMKF6qhslhvnnhJdOAYWvWIj1bb+iexP1n5gfTBXG/awjvGbF7q9VRU3gnoyqfYA=", - "size": 256, - "type_name": "ECDH", - "x": "ts0Y1hoDRGIbH7+iTp4iKiMwoXqqGyWG+eeEl04Bha8=", - "y": "WIj1bb+iexP1n5gfTBXG/awjvGbF7q9VRU3gnoyqfYA=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BAo58RWCnTavJSARqpZOcL4XHd86OIp1yk0ODHrd4nq302g9RdxBjj8g8+k4gOfqCboPolQZcr94qaXKe/7cU4A=", - "size": 256, - "type_name": "ECDH", - "x": "CjnxFYKdNq8lIBGqlk5wvhcd3zo4inXKTQ4Met3ierc=", - "y": "02g9RdxBjj8g8+k4gOfqCboPolQZcr94qaXKe/7cU4A=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BK/ruGuqLY621R9/kkEwdbxLGiTrwweVcv7aAkeB5F1VoGVmRLAYWb5Ed8IfbcLp8E7tejZcEX75u0avGKyhXkk=", - "size": 256, - "type_name": "ECDH", - "x": "r+u4a6otjrbVH3+SQTB1vEsaJOvDB5Vy/toCR4HkXVU=", - "y": "oGVmRLAYWb5Ed8IfbcLp8E7tejZcEX75u0avGKyhXkk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "mr3/KAXL/r07okd6pAceJT0rKwhLNsWS0F2Oj/0ZgE/0Ld5QcA5xwwwOT//0MoULlkP1zMcDc305l2ByBhr+sRkfvn0Y42wSykj4gnXfydf+skAJDNKDlSMZef37ceUIB7pPuEBO6QUrDy8PUIbx5H9VDoKUCNhQinH+54F9poVLPwT3uZyDDw6dH3dC65VynYYqPxz0h7V8fzXyiv023J83s8hpgPQ1sGPZaynXEc5BP1AByqBVtNT2asARdMBBi7qlK2KP9PEpjj07wyQTw/WtyOmWg8tzbIuQx4u8A79IYI/aPUFCgaT+6AGV51omGJm6ycyNyvHCr+Z3D75FjQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "eeoNrfqPAiAnXsRlbjbKlQJm7FZoWYJIkI6tPlvBC7nPN89kwDlMZQTJjLRvaOqN5sXOniQ0Ex1z12WIn00O2tEzbI2qyaMjfXAraz05/N2OJ+3sL94LAiaUVsvZKi97yvhtQaAj2RrVT4eM2C99vPwyDLQPYL5b61mmVZtfwZUCq1XNfiKjQllfPThYINB1LPjHDeX4urwnQVYCzRzWF1vg1ZMSwUdX68PF3pPnt5rMIhbMWUxsWdu8RsoMvGeCATm3Tlxas1eQaCELtb0xfBGoy5MJdFokskB3bZsccwkh5JsYs46IYc93pgSaW4PkZUemqYDJdrFwbVwBpycbHA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "apSkbelllZHViWmf/JO3xiVxMcLRanwTR6r32hzNg8v9tSuBZStlN2OxGABBllRKft+jVqH4WpST7vJfVrtpk0zDGYfOmXysN/nk9QRKxoeC9tvjcj+1pt4gt30u2Jc2Poq08TJZN/9/INB8FHDtdh+KqQocm6DAt3IPjL2Kkef/mbsg2wJy3PliTqGcmbSA1kPwrxa8orY6onf9O/4QYnWuF4PY42Zc+8sw5osKqGhehzJ1el4c1tlGQCoHnCA2d5L0gNpuOEtmRHbHx1Bd6uyhYDUlh1bgl9W5Yw+q+k1Xv0nFoVGkF6IvsanxzYEY51AiYzo1+zoJ8s/e0R0dng==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "egUysb2xT8uP6diMD9i9x/pL6M7pRvBWRgroSYly7TKTmDlBnOExwOjr01508A2Od1Lk24Vr7/b4ot/UryOztRgVLdrv5xXuAYcMEJjIeGjTSsYnncfJiJmTzGkJyALdvniobrRw1S679jsGXiAYsuAeMZwG3g3QIiN88b9/fu+bbyDeo8Ww2ycgZIuyfmfUJ2ewgPXuzChCDxHdQ9hlRDkqlkytAoM2IO/uoRSQw945NNQ0w60e4hL6N/ZdPM0FPayObTXGOyDcxisnDlmWF3a31HzOaWTBtCheim4Bw9Wour0cgn/zPqblyiGoTNK7oRReecOO/fyfm5H8YAJ4tw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_0" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIGqDCCBZCgAwIBAgIQCvBs2jemC2QTQvCh6x1Z/TANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E\naWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMzIzMDAwMDAwWhcN\nMjIwNTE3MTIwMDAwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\nYTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g\nVG9ycmVzMRUwEwYDVQQDDAwqLmJhZHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDCBOz4jO4EwrPYUNVwWMyTGOtcqGhJsCK1+ZWesSssdj5s\nwEtgTEzqsrTAD4C2sPlyyYYC+VxBXRMrf3HES7zplC5QN6ZnHGGM9kFCxUbTFocn\nn3TrCp0RUiYhc2yETHlV5NFr6AY9SBVSrbMo26r/bv9glUp3aznxJNExtt1NwMT8\nU7ltQq21fP6u9RXSM0jnInHHwhR6bCjqN0rf6my1crR+WqIW3GmxV0TbChKr3sMP\nR3RcQSLhmvkbk+atIgYpLrG6SRwMJ56j+4v3QHIArJII2YxXhFOBBcvm/mtUmEAn\nhccQu3Nw72kYQQdFVXz5ZD89LMOpfOuTGkyG0cqFAgMBAAGjggNhMIIDXTAfBgNV\nHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUne7Be4ELOkdp\ncRh9ETeTvKUbP/swIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpiYWRzc2wuY29t\nMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Et\nc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2Nh\nLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIDMHwGCCsG\nAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\nMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\ncnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEE\nAdZ5AgQCBIIBbgSCAWoBaAB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO\nHtGFAAABcQhGXioAAAQDAEcwRQIgDfWVBXEuUZC2YP4Si3AQDidHC4U9e5XTGyG7\nSFNDlRkCIQCzikrA1nf7boAdhvaGu2Vkct3VaI+0y8p3gmonU5d9DwB2ACJFRQdZ\nVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcQhGXlsAAAQDAEcwRQIhAMWi\nVsi2vYdxRCRsu/DMmCyhY0iJPKHE2c6ejPycIbgqAiAs3kSSS0NiUFiHBw7QaQ/s\nGO+/lNYvjExlzVUWJbgNLwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U\niwXlAAABcQhGXnoAAAQDAEcwRQIgKsntiBqt8Au8DAABFkxISELhP3U/wb5lb76p\nvfenWL0CIQDr2kLhCWP/QUNxXqGmvr1GaG9EuokTOLEnGPhGv1cMkDANBgkqhkiG\n9w0BAQsFAAOCAQEA0RGxlwy3Tl0lhrUAn2mIi8LcZ9nBUyfAcCXCtYyCdEbjIP64\nxgX6pzTt0WJoxzlT+MiK6fc0hECZXqpkTNVTARYtGkJoljlTK2vAdHZ0SOpm9OT4\nRLfjGnImY0hiFbZ/LtsvS2Zg7cVJecqnrZe/za/nbDdljnnrll7C8O5naQuKr4te\nuice3e8a4TtviFwS/wdDnJ3RrE83b1IljILbU5SV0X1NajyYkUWS7AnOmrFUUByz\nMwdGrM6kt0lfJy/gvGVsgIKZocHdedPeECqAtq7FAJYanOsjNN9RbBOGhbwq0/FP\nCC01zojqS10nGowxzOiqyB4m6wytmzf0QwjpMw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "GEWyFu/Qg5oYUalXMl2jNiFwScs=", + "fingerprint_sha256": "kJTCvfppe0UD2q0RZ+sgpaRx6pjQH3ZUcmP8nq7HyPI=", + "hpkp_pin": "9SLklscvzMYj8f+52lp5ze/hY0CFHyLSPQzSpYYIBm8=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2022-05-17T12:00:00", + "not_valid_before": "2020-03-23T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 24492660100626679905549940109758101886765610555498019561237351076174546942126705991290366882656509310080501513812602706206351444964387935952263594274233370803388167168928622758093210777190425680103032107490380624850201721276806477615228126295940226807450889945207930835675033102934727992726436862717218438550009918736547634295262737442314962888280468639663924173291556081067280523421305313565638162799590985864930177996395295461079048360209103196860440439931811226709024172075892526400113878162488184158428982955287187952820072365979821268476491392572259766081582413144401029571982863046316691680331687828250550192773 + }, + "serial_number": 14540638993096550868240433790861531645, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.8", + "name": "stateOrProvinceName" + }, + "rfc4514_string": "ST=California", + "value": "California" + }, + { + "oid": { + "dotted_string": "2.5.4.7", + "name": "localityName" + }, + "rfc4514_string": "L=Walnut Creek", + "value": "Walnut Creek" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Lucas Garron Torres", + "value": "Lucas Garron Torres" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=*.badssl.com", + "value": "*.badssl.com" + } + ], + "rfc4514_string": "CN=*.badssl.com,O=Lucas Garron Torres,L=Walnut Creek,ST=California,C=US" + }, + "subject_alternative_name": { + "dns": ["*.badssl.com", "badssl.com"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg\nU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83\nnf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd\nKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f\n/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX\nkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\n/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY\naHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6\nLy9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1\noDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD\nQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v\nd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh\nxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl\n5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA\n8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC\n2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit\nc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\nj6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "H7hrEWjsdDFUBi6MnMWxcaS3zLQ=", + "fingerprint_sha256": "FUxDPEkZKcXvaG6DjjI2ZKAOag2CLMyVj7TasD5JoI8=", + "hpkp_pin": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2023-03-08T12:00:00", + "not_valid_before": "2013-03-08T12:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827 + }, + "serial_number": 2646203786665923649276728595390119057, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA", + "value": "DigiCert SHA2 Secure Server CA" + } + ], + "rfc4514_string": "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "qJhdOmXl5cSy19ZtQMbdL7GcVDY=", + "fingerprint_sha256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=", + "hpkp_pin": "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "not_valid_after": "2031-11-10T00:00:00", + "not_valid_before": "2006-11-10T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303 + }, + "serial_number": 10944719598952040374951832963794454346, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.5", + "name": "sha1WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 20, + "name": "sha1" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=DigiCert Inc", + "value": "DigiCert Inc" + }, + { + "oid": { + "dotted_string": "2.5.4.11", + "name": "organizationalUnitName" + }, + "rfc4514_string": "OU=www.digicert.com", + "value": "www.digicert.com" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DigiCert Global Root CA", + "value": "DigiCert Global Root CA" + } + ], + "rfc4514_string": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + } + ], + "hostname_used_for_server_name_indication": "wrong.host.badssl.com" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BEmgZTGoxpqe+Aetr+AWBJ/dX1HCq394CXgbHr9tVvSWoFCsISdRUNBDjzKse+tLkF5jF1rP6ME4jkYHayaNlIk=", - "size": 256, - "type_name": "ECDH", - "x": "SaBlMajGmp74B62v4BYEn91fUcKrf3gJeBsev21W9JY=", - "y": "oFCsISdRUNBDjzKse+tLkF5jF1rP6ME4jkYHayaNlIk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BDgXO8IwJLv4BsmiDhieAY5Q5slt6ikitFhgCvs/2cTNT6KNAKW1PM83PvIt/Zj1GTziBaJhRf/LxYngcZrVxqk=", - "size": 256, - "type_name": "ECDH", - "x": "OBc7wjAku/gGyaIOGJ4BjlDmyW3qKSK0WGAK+z/ZxM0=", - "y": "T6KNAKW1PM83PvIt/Zj1GTziBaJhRf/LxYngcZrVxqk=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BIsDYmMa7l1g5Y2nN99UJ6Sg9aR8ZuZvKxBxku8qv59ISLR3KhEEMZOR4oqzaK4qKn0PTxjNn1Efqf5ZM/5zqnc=", - "size": 256, - "type_name": "ECDH", - "x": "iwNiYxruXWDljac331QnpKD1pHxm5m8rEHGS7yq/n0g=", - "y": "SLR3KhEEMZOR4oqzaK4qKn0PTxjNn1Efqf5ZM/5zqnc=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Z90SoiWvUKTVLRdDKG13NVmED+zWEUyHfmwdsJb//oLfq3Q1ahNnMbNJ/Uwum0ZPfDejczUhLFesHEMxbhwicFoStQGese+lHZ7OwZrfAE2ADnwTp3523trpaBZc9hsbfj3wTKFO/QeYd083wBpCP5QouKf+5wnQ76sdWAKi3qQazq/CgpwRtsSAVOxEOhUaHloOoC+lskbCppOSKZJNsPnzP/Ho/Ze2BSuxdpNnu60/Tu2HxJSvNJzTsYAsRC8JizYTGc8W9ex8Axyx+PTkyHD3pte3iifLJtiCdFhfLg3YUYs7ZYEG8/9wU7YhyW2NLn1ZaRAWvuI6xxPyeV0a6g==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "hrtvc1hSn7AiNcfwDmsfwn5Xb3MvkXAG2LkBCj2Ks4RQHdSsFuoyErXo5PyidNQ4IuBBON+2ioWRAxsWt33Ljs+cjFd8etXOtb52GPOhd9N6CgKmWFsdDXhbAKAJsnD9s2CEtAouUDPWmz8iA71DvBw+d53mM5IAMmAcmJzZk542Xo8inGPY0zSiSREqe/iMZbiJn9H5LkMuKye6NNEL7LWRTNHxHbETdBR9kwVWXZ62L/Ae5WdmFHpYhHfn6mdwXgzsRWaQM3Jat31CtnCh0ITJQ2fYmDDObu69yE3l46EfV1K+HashUqp61iP9jxKXpFo7OBBBUZBJ8ZB/URSUKw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "dqcxLuG5V7hd4O8Y6r7rcCFLtlEBItaYgQh1UGRZLFCmsedKk8ZsJP8+O3zucyb+fOyQ7p5HlGLHzY4QpRNYvWNtgWkC8at0vRxdIqTiqBntVAww4OaYGqLrV4UZYwbJzonKFv/cCjGtkKlmwNhXcZpQAuAnOhzDkQ4+R+069oNw+ZVAuutX0XpbgbQsLQXvWsE8ox+QzKUsg4T97pyyOBodbIkFeni8ovXhShYLwvTOsFrkY7FgYd9LtPcBzjn7qPLNCZrHQEWevZw3lGdmq8od3gXuXQFLnOfD/IMw0Huzr7vUY4la3uOVRtnA9V68yYNSJpuLO1VUYs59BlU1hQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "crLZXfOKs6GhcCDwwJYfZpOH7WnxVk/loV6Govzl+qJ1jET7vF3ndo6yN7IvXImUVgeHUT6ekX+0rUQANhJU2fW/cJ2aCDdkbHDkk5xBQ7OeumDwPFea9ZqKx7JmmMf1JkEe99W0uLi0l61lkOr0CG92iWrdawHE7TU5E96pNXHmIPluY6sO/y1+6SBOSDuGhxcSFBVcea2QIZUAEuAL5bVX215rwvt2z4q6Tk7Q8P80+nqTHmjuz70L1fcv/9QRLANKNCfHydKpAuwpIdVbZZUEVaWfrGMYa7HfFfVmXX8U/pEgffpX0tRPX6KdGCNudjtPBhQUSIzRPLK9pzupKw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_1" - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BKoMeTX7hWNbtnArw6PzXlyBwtSCHp6/oZPFBmBdOSLeB9+ufh5JxQZVI1NY/WEAkNYc/t7FdibruCHL2LiZrkY=", - "size": 256, - "type_name": "ECDH", - "x": "qgx5NfuFY1u2cCvDo/NeXIHC1IIenr+hk8UGYF05It4=", - "y": "B9+ufh5JxQZVI1NY/WEAkNYc/t7FdibruCHL2LiZrkY=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BJ2Czp+IxZ6ntCjxfUkf0iKC8USWcgwpOYHvOQ+P4PNC4NYYKKkqQwyyx/qNo5mvlVPBNFRUoCRzFEHD0OA7+s8=", - "size": 256, - "type_name": "ECDH", - "x": "nYLOn4jFnqe0KPF9SR/SIoLxRJZyDCk5ge85D4/g80I=", - "y": "4NYYKKkqQwyyx/qNo5mvlVPBNFRUoCRzFEHD0OA7+s8=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BMfnzpCoU+2Pj/2BP4Uj2WsgMlYf7KUzTEHPJ/hikT7jOqLTqHbYcXfbgL6JH6UNtXq9OaQdLt0U4CqZIOLg2Ew=", - "size": 256, - "type_name": "ECDH", - "x": "x+fOkKhT7Y+P/YE/hSPZayAyVh/spTNMQc8n+GKRPuM=", - "y": "OqLTqHbYcXfbgL6JH6UNtXq9OaQdLt0U4CqZIOLg2Ew=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BImmd0zjRxETolLFeOILXyuPO0NkDrUXd2dyxaDfYoWFxaFywB3feTHjHBo0h9m/KCV7KNfGoMfNgPQwYKQA63U=", - "size": 256, - "type_name": "ECDH", - "x": "iaZ3TONHEROiUsV44gtfK487Q2QOtRd3Z3LFoN9ihYU=", - "y": "xaFywB3feTHjHBo0h9m/KCV7KNfGoMfNgPQwYKQA63U=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BH1EtOMsVyQylMuVKjeykbdcDkHofaVya4Dk7a04dGDkR7eEsygOKD5aRZCckTN2h5W3QUQ+r4uzyc00o6vXelo=", - "size": 256, - "type_name": "ECDH", - "x": "fUS04yxXJDKUy5UqN7KRt1wOQeh9pXJrgOTtrTh0YOQ=", - "y": "R7eEsygOKD5aRZCckTN2h5W3QUQ+r4uzyc00o6vXelo=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BPEuzwZqmNQ+4OY3xJo2neiMJn0Jzq1/nKpyXatNDRNrO23D/FryK6ft1pQi8+j+BF1x8AUTlUKWOtwgzBELf3c=", - "size": 256, - "type_name": "ECDH", - "x": "8S7PBmqY1D7g5jfEmjad6IwmfQnOrX+cqnJdq00NE2s=", - "y": "O23D/FryK6ft1pQi8+j+BF1x8AUTlUKWOtwgzBELf3c=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BCdaVR1CTRgIcNVeLEfrC+diIxbko2xDSeg4PL9w/GuMItEl/ZpvhBF+JhkeB88Z7bUf2De3LsRkmbfXF9Qf01Q=", - "size": 256, - "type_name": "ECDH", - "x": "J1pVHUJNGAhw1V4sR+sL52IjFuSjbENJ6Dg8v3D8a4w=", - "y": "ItEl/ZpvhBF+JhkeB88Z7bUf2De3LsRkmbfXF9Qf01Q=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "AZQ0uu/miXo0DgiJ0nCPZF1CuRzqr29MiY0qrEOKMzz2SSET1FakxCLXfPjVdPjnxZB2aPsNo62Bwi+7UboyLkNvKwfSVnxKde2Fqq2IOivoIORdxs9SaTXCecnG7GkSMfykhVw76QFxht+MWZhR6bVDC0bMOIbG5sCab0uVkVlLXHHQt4r+CTAqXP5DoxbgSjOwBBxYwsxN1sSfwLOqbLtVAGo7w7drZNFC+7uwl3IBx3cds5U1O4r0fcF/DzRWl/dcw+I9LxauoRKT639evbQYQw77WhRK08mnxjwVb7q6vSbLdvN2i7IAC6PiKQbQIlQxD09C4WGnYpdeaMlXmQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "GvVYrRJ6zwYMi6kdMj4VEmCfJ4y979Ih48FVNzW9V3aArAXuFnX+ddoGPCT4kL8ryGcIo9F8wbAvc6oJJA5BKBA3I4eTNoMVREIhiEiByXsRWT1EB2cO5mNgAHFCR23R8DnQelklQvMY4cQ5YjR9wWFGLBUFYRWQgYyfgtrJYQ18gFkfPwqpjz4dR79O6PQUns8MY/QTLXB/ipFFJw5dMD0xrbxQ8icEAbD3gltAaloWdMIaQqHQMWOa5SeKnwYvneME3J/T9MoFXWQg/3uQT5faNttJtVHV7k2U42cPbJByzcGOvBUsTgJjubzi0VjJocnk5SihbdJ7cM9Z91jAiw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "rQeRiKxdZbOo3Xdqg6c2hC8mZ0O03EZrJAvHwRzBmGZdfYgmAq+JAuYJTZ6GjY0v+pMqNZUyLkIQygvgT8EQ3aQ2vkbCxfrI59eF6uFR5io/OeOkoWtM6ovA80kNffoIp2PpxRdOKitB3irjd2Cd/caZJx9MEzMA2ykZa3NbllfJV/vKQ4d1wGOEeSfK8FX5XiPCVBcz/3MVHmc48C5l0+zLzFYnDKcO/jHhsxh/Ldo9Q990JNLOeS/4y7rPKOFUOJW8imuavQUoo9YYU8WWb6oiFWYdmXRzG3yrmTSbYVvTrAPoVG7LDs1shH6kkAid0YUE0DhPRO8LKA0WCOSMiA==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "KSMNn5ymo/2EmShpV9/CnuYGmAOGDIBCui7CtnviMpyVj/3roQW8hSjHzPRFLq8Up+ezBKYQVMkRvMUDIK1k/rcKyd4iM96XTSeDf7ZiYmNyXizfRGUsTUPB6VhpAKXp6hZrA0mbD9/acpomRW3PmtgIPC/hSV/xLHKxXxICH6tBPWhxaigwzdvObXq4lA6XQ98Lui/HUpkB0tBSko89YAqhvOPGQu0zk1saNKMvSoK+ObfBqQWBJjG0gdCJKLZj9V4YFM55wrOJNdXnBBH7wtHC3m5UIqbZVtnrA30BICSHfJukXXyz5j+zs2rzAgHGEqphR3LOSlx3QhMcDQPYYQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "uUj5Nmu6tZZGaEko31ZssOJL19qqPObHYI4UVODWI1BIBg8du5cdOhcbrU5Sc2mklv3jvKYmK6YtqJPAgsvI6k1zXlpZmBsTPTrdkuOuxtosWj6p/b0LcczeXiWOqBsY17aXUwri/qfpfTBTQ6XWWll8WUqJxths5DdB1Ok0MMy1vrYV5ryIOAIxL2DZ324HxjdzS3Dayxp+kJCHCcvv2XXl+TgD0TqhJHHfKQ7x1SBOBCnMxQ8ikI9qgE3khYj2Iz/cptVxN0EsupwYvuVeo++SG70hALagySvugr2S5og0Vf+gUcKTXXuuAO5b69X7zQhBnSq07ZsBY/a2qXw1mQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "YxS6bFe+dBKdGFqY6fSzO7pGhQ4HpJF8ZFzZVfVfO6ugh1zlcwwQlEe3AIZGKgPRVWaYSb0IIdy8ynYCvGyJXzMEyK87GEiO91WyANHm80K66vD/DVpAYY1043Y0rQnkw8RtqkQi0cRtaTsnhcLQe1bJc4Oc00j8qM9VdDoEuEFrWjQhNygS1n4rmyMacUKO5nciVEwpK6nWorRkFrpPwLZ9+lu1Yy5/Ys6hxt0OZLIi6ivATn+R8fg86hu2mTysAhMYE9XlUbj1K44ybUkx8zq5tQ+Z2KFC8MTfVazY9w1b2YxMYM3d0tEZH/j6it5WESb8XYEJQZULF+O5cw5fsg==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Qx4G0rXhuAC4TbclOqMQHTTPxonvgfd+PSx3l9aGMCP/ZlSwL8XUeZHPgJFPgXEeg1Wee4JFOWQVH84iXAinppOprwBtOOeFHgketzD+jUf3UqbvzjHm39gc4tfjGPe2FqMsT6i9hy0KV1GPUz/UEjPjeTSQXlixMo9WzqYpCWNyCYClp3CcFKi8NBPoL0nJZdqjxGQs+Dsy6tc5rmDMpl7SxuZ45c3PuuVCk0gwXvNBBDz0s/qC60h4Br2CajaIpPxcxzz7rtqRxzX5+AJgOER6JvpDU3rtbcOP0ruzNWnii1SG9jKf00bEKwfTBiLeubBS+PyLSyxCwCspV+p8sQ==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": null, - "generator": "Ag==", - "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", - "public_bytes": "Bm33b9Mvue0f+ZDwNgGBOZBcT8lMzd8Nw4AgWpDNpBvFqz52/zgJVpmu/qFvdEopWuJ89hGJX4Wzw0k6DmFwkDP4I/tcwidVfE2tnmfP72y+0kPm7oInhxO2TVprb70ATlSVui1MzIzzK6CVaPEJD+SeXGHLqOqPU1tnOeae47UFotuRA3FkcynNBz8788d9jMN99ONHDrLkQAIaeMGeY3+fThAH1fryZgJQ6nKVIdDy/7KeFpSKq1hO4t8hRKe86fKkvwSx9qwsYyUjef1BrjTN+i3ZNDfqS+eC/DNmOH4om9uksgnR8iGjgOzPC8JAqY+RhmlRETgwR4pamHg6Jw==", - "size": 2048, - "type_name": "DH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" - }, - "status": "COMPLETED" - }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" - }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false - }, - "status": "COMPLETED" + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server rejected the connection" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server rejected the connection" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLbNGNYaA0RiGx+/ok6eIiojMKF6qhslhvnnhJdOAYWvWIj1bb+iexP1n5gfTBXG/awjvGbF7q9VRU3gnoyqfYA=", + "size": 256, + "type_name": "ECDH", + "x": "ts0Y1hoDRGIbH7+iTp4iKiMwoXqqGyWG+eeEl04Bha8=", + "y": "WIj1bb+iexP1n5gfTBXG/awjvGbF7q9VRU3gnoyqfYA=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BAo58RWCnTavJSARqpZOcL4XHd86OIp1yk0ODHrd4nq302g9RdxBjj8g8+k4gOfqCboPolQZcr94qaXKe/7cU4A=", + "size": 256, + "type_name": "ECDH", + "x": "CjnxFYKdNq8lIBGqlk5wvhcd3zo4inXKTQ4Met3ierc=", + "y": "02g9RdxBjj8g8+k4gOfqCboPolQZcr94qaXKe/7cU4A=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BK/ruGuqLY621R9/kkEwdbxLGiTrwweVcv7aAkeB5F1VoGVmRLAYWb5Ed8IfbcLp8E7tejZcEX75u0avGKyhXkk=", + "size": 256, + "type_name": "ECDH", + "x": "r+u4a6otjrbVH3+SQTB1vEsaJOvDB5Vy/toCR4HkXVU=", + "y": "oGVmRLAYWb5Ed8IfbcLp8E7tejZcEX75u0avGKyhXkk=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "mr3/KAXL/r07okd6pAceJT0rKwhLNsWS0F2Oj/0ZgE/0Ld5QcA5xwwwOT//0MoULlkP1zMcDc305l2ByBhr+sRkfvn0Y42wSykj4gnXfydf+skAJDNKDlSMZef37ceUIB7pPuEBO6QUrDy8PUIbx5H9VDoKUCNhQinH+54F9poVLPwT3uZyDDw6dH3dC65VynYYqPxz0h7V8fzXyiv023J83s8hpgPQ1sGPZaynXEc5BP1AByqBVtNT2asARdMBBi7qlK2KP9PEpjj07wyQTw/WtyOmWg8tzbIuQx4u8A79IYI/aPUFCgaT+6AGV51omGJm6ycyNyvHCr+Z3D75FjQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "eeoNrfqPAiAnXsRlbjbKlQJm7FZoWYJIkI6tPlvBC7nPN89kwDlMZQTJjLRvaOqN5sXOniQ0Ex1z12WIn00O2tEzbI2qyaMjfXAraz05/N2OJ+3sL94LAiaUVsvZKi97yvhtQaAj2RrVT4eM2C99vPwyDLQPYL5b61mmVZtfwZUCq1XNfiKjQllfPThYINB1LPjHDeX4urwnQVYCzRzWF1vg1ZMSwUdX68PF3pPnt5rMIhbMWUxsWdu8RsoMvGeCATm3Tlxas1eQaCELtb0xfBGoy5MJdFokskB3bZsccwkh5JsYs46IYc93pgSaW4PkZUemqYDJdrFwbVwBpycbHA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "apSkbelllZHViWmf/JO3xiVxMcLRanwTR6r32hzNg8v9tSuBZStlN2OxGABBllRKft+jVqH4WpST7vJfVrtpk0zDGYfOmXysN/nk9QRKxoeC9tvjcj+1pt4gt30u2Jc2Poq08TJZN/9/INB8FHDtdh+KqQocm6DAt3IPjL2Kkef/mbsg2wJy3PliTqGcmbSA1kPwrxa8orY6onf9O/4QYnWuF4PY42Zc+8sw5osKqGhehzJ1el4c1tlGQCoHnCA2d5L0gNpuOEtmRHbHx1Bd6uyhYDUlh1bgl9W5Yw+q+k1Xv0nFoVGkF6IvsanxzYEY51AiYzo1+zoJ8s/e0R0dng==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "egUysb2xT8uP6diMD9i9x/pL6M7pRvBWRgroSYly7TKTmDlBnOExwOjr01508A2Od1Lk24Vr7/b4ot/UryOztRgVLdrv5xXuAYcMEJjIeGjTSsYnncfJiJmTzGkJyALdvniobrRw1S679jsGXiAYsuAeMZwG3g3QIiN88b9/fu+bbyDeo8Ww2ycgZIuyfmfUJ2ewgPXuzChCDxHdQ9hlRDkqlkytAoM2IO/uoRSQw945NNQ0w60e4hL6N/ZdPM0FPayObTXGOyDcxisnDlmWF3a31HzOaWTBtCheim4Bw9Wour0cgn/zPqblyiGoTNK7oRReecOO/fyfm5H8YAJ4tw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BEmgZTGoxpqe+Aetr+AWBJ/dX1HCq394CXgbHr9tVvSWoFCsISdRUNBDjzKse+tLkF5jF1rP6ME4jkYHayaNlIk=", + "size": 256, + "type_name": "ECDH", + "x": "SaBlMajGmp74B62v4BYEn91fUcKrf3gJeBsev21W9JY=", + "y": "oFCsISdRUNBDjzKse+tLkF5jF1rP6ME4jkYHayaNlIk=" } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "wrong.host.badssl.com", - "http_proxy_settings": null, - "ip_address": "104.154.89.105", - "port": 443 - }, - "uuid": "fd8bffb6-f788-46ef-8956-cc71c5d28dd9" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BDgXO8IwJLv4BsmiDhieAY5Q5slt6ikitFhgCvs/2cTNT6KNAKW1PM83PvIt/Zj1GTziBaJhRf/LxYngcZrVxqk=", + "size": 256, + "type_name": "ECDH", + "x": "OBc7wjAku/gGyaIOGJ4BjlDmyW3qKSK0WGAK+z/ZxM0=", + "y": "T6KNAKW1PM83PvIt/Zj1GTziBaJhRf/LxYngcZrVxqk=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BIsDYmMa7l1g5Y2nN99UJ6Sg9aR8ZuZvKxBxku8qv59ISLR3KhEEMZOR4oqzaK4qKn0PTxjNn1Efqf5ZM/5zqnc=", + "size": 256, + "type_name": "ECDH", + "x": "iwNiYxruXWDljac331QnpKD1pHxm5m8rEHGS7yq/n0g=", + "y": "SLR3KhEEMZOR4oqzaK4qKn0PTxjNn1Efqf5ZM/5zqnc=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Z90SoiWvUKTVLRdDKG13NVmED+zWEUyHfmwdsJb//oLfq3Q1ahNnMbNJ/Uwum0ZPfDejczUhLFesHEMxbhwicFoStQGese+lHZ7OwZrfAE2ADnwTp3523trpaBZc9hsbfj3wTKFO/QeYd083wBpCP5QouKf+5wnQ76sdWAKi3qQazq/CgpwRtsSAVOxEOhUaHloOoC+lskbCppOSKZJNsPnzP/Ho/Ze2BSuxdpNnu60/Tu2HxJSvNJzTsYAsRC8JizYTGc8W9ex8Axyx+PTkyHD3pte3iifLJtiCdFhfLg3YUYs7ZYEG8/9wU7YhyW2NLn1ZaRAWvuI6xxPyeV0a6g==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "hrtvc1hSn7AiNcfwDmsfwn5Xb3MvkXAG2LkBCj2Ks4RQHdSsFuoyErXo5PyidNQ4IuBBON+2ioWRAxsWt33Ljs+cjFd8etXOtb52GPOhd9N6CgKmWFsdDXhbAKAJsnD9s2CEtAouUDPWmz8iA71DvBw+d53mM5IAMmAcmJzZk542Xo8inGPY0zSiSREqe/iMZbiJn9H5LkMuKye6NNEL7LWRTNHxHbETdBR9kwVWXZ62L/Ae5WdmFHpYhHfn6mdwXgzsRWaQM3Jat31CtnCh0ITJQ2fYmDDObu69yE3l46EfV1K+HashUqp61iP9jxKXpFo7OBBBUZBJ8ZB/URSUKw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "dqcxLuG5V7hd4O8Y6r7rcCFLtlEBItaYgQh1UGRZLFCmsedKk8ZsJP8+O3zucyb+fOyQ7p5HlGLHzY4QpRNYvWNtgWkC8at0vRxdIqTiqBntVAww4OaYGqLrV4UZYwbJzonKFv/cCjGtkKlmwNhXcZpQAuAnOhzDkQ4+R+069oNw+ZVAuutX0XpbgbQsLQXvWsE8ox+QzKUsg4T97pyyOBodbIkFeni8ovXhShYLwvTOsFrkY7FgYd9LtPcBzjn7qPLNCZrHQEWevZw3lGdmq8od3gXuXQFLnOfD/IMw0Huzr7vUY4la3uOVRtnA9V68yYNSJpuLO1VUYs59BlU1hQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "crLZXfOKs6GhcCDwwJYfZpOH7WnxVk/loV6Govzl+qJ1jET7vF3ndo6yN7IvXImUVgeHUT6ekX+0rUQANhJU2fW/cJ2aCDdkbHDkk5xBQ7OeumDwPFea9ZqKx7JmmMf1JkEe99W0uLi0l61lkOr0CG92iWrdawHE7TU5E96pNXHmIPluY6sO/y1+6SBOSDuGhxcSFBVcea2QIZUAEuAL5bVX215rwvt2z4q6Tk7Q8P80+nqTHmjuz70L1fcv/9QRLANKNCfHydKpAuwpIdVbZZUEVaWfrGMYa7HfFfVmXX8U/pEgffpX0tRPX6KdGCNudjtPBhQUSIzRPLK9pzupKw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BKoMeTX7hWNbtnArw6PzXlyBwtSCHp6/oZPFBmBdOSLeB9+ufh5JxQZVI1NY/WEAkNYc/t7FdibruCHL2LiZrkY=", + "size": 256, + "type_name": "ECDH", + "x": "qgx5NfuFY1u2cCvDo/NeXIHC1IIenr+hk8UGYF05It4=", + "y": "B9+ufh5JxQZVI1NY/WEAkNYc/t7FdibruCHL2LiZrkY=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BJ2Czp+IxZ6ntCjxfUkf0iKC8USWcgwpOYHvOQ+P4PNC4NYYKKkqQwyyx/qNo5mvlVPBNFRUoCRzFEHD0OA7+s8=", + "size": 256, + "type_name": "ECDH", + "x": "nYLOn4jFnqe0KPF9SR/SIoLxRJZyDCk5ge85D4/g80I=", + "y": "4NYYKKkqQwyyx/qNo5mvlVPBNFRUoCRzFEHD0OA7+s8=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BMfnzpCoU+2Pj/2BP4Uj2WsgMlYf7KUzTEHPJ/hikT7jOqLTqHbYcXfbgL6JH6UNtXq9OaQdLt0U4CqZIOLg2Ew=", + "size": 256, + "type_name": "ECDH", + "x": "x+fOkKhT7Y+P/YE/hSPZayAyVh/spTNMQc8n+GKRPuM=", + "y": "OqLTqHbYcXfbgL6JH6UNtXq9OaQdLt0U4CqZIOLg2Ew=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BImmd0zjRxETolLFeOILXyuPO0NkDrUXd2dyxaDfYoWFxaFywB3feTHjHBo0h9m/KCV7KNfGoMfNgPQwYKQA63U=", + "size": 256, + "type_name": "ECDH", + "x": "iaZ3TONHEROiUsV44gtfK487Q2QOtRd3Z3LFoN9ihYU=", + "y": "xaFywB3feTHjHBo0h9m/KCV7KNfGoMfNgPQwYKQA63U=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BH1EtOMsVyQylMuVKjeykbdcDkHofaVya4Dk7a04dGDkR7eEsygOKD5aRZCckTN2h5W3QUQ+r4uzyc00o6vXelo=", + "size": 256, + "type_name": "ECDH", + "x": "fUS04yxXJDKUy5UqN7KRt1wOQeh9pXJrgOTtrTh0YOQ=", + "y": "R7eEsygOKD5aRZCckTN2h5W3QUQ+r4uzyc00o6vXelo=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BPEuzwZqmNQ+4OY3xJo2neiMJn0Jzq1/nKpyXatNDRNrO23D/FryK6ft1pQi8+j+BF1x8AUTlUKWOtwgzBELf3c=", + "size": 256, + "type_name": "ECDH", + "x": "8S7PBmqY1D7g5jfEmjad6IwmfQnOrX+cqnJdq00NE2s=", + "y": "O23D/FryK6ft1pQi8+j+BF1x8AUTlUKWOtwgzBELf3c=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BCdaVR1CTRgIcNVeLEfrC+diIxbko2xDSeg4PL9w/GuMItEl/ZpvhBF+JhkeB88Z7bUf2De3LsRkmbfXF9Qf01Q=", + "size": 256, + "type_name": "ECDH", + "x": "J1pVHUJNGAhw1V4sR+sL52IjFuSjbENJ6Dg8v3D8a4w=", + "y": "ItEl/ZpvhBF+JhkeB88Z7bUf2De3LsRkmbfXF9Qf01Q=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "AZQ0uu/miXo0DgiJ0nCPZF1CuRzqr29MiY0qrEOKMzz2SSET1FakxCLXfPjVdPjnxZB2aPsNo62Bwi+7UboyLkNvKwfSVnxKde2Fqq2IOivoIORdxs9SaTXCecnG7GkSMfykhVw76QFxht+MWZhR6bVDC0bMOIbG5sCab0uVkVlLXHHQt4r+CTAqXP5DoxbgSjOwBBxYwsxN1sSfwLOqbLtVAGo7w7drZNFC+7uwl3IBx3cds5U1O4r0fcF/DzRWl/dcw+I9LxauoRKT639evbQYQw77WhRK08mnxjwVb7q6vSbLdvN2i7IAC6PiKQbQIlQxD09C4WGnYpdeaMlXmQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "GvVYrRJ6zwYMi6kdMj4VEmCfJ4y979Ih48FVNzW9V3aArAXuFnX+ddoGPCT4kL8ryGcIo9F8wbAvc6oJJA5BKBA3I4eTNoMVREIhiEiByXsRWT1EB2cO5mNgAHFCR23R8DnQelklQvMY4cQ5YjR9wWFGLBUFYRWQgYyfgtrJYQ18gFkfPwqpjz4dR79O6PQUns8MY/QTLXB/ipFFJw5dMD0xrbxQ8icEAbD3gltAaloWdMIaQqHQMWOa5SeKnwYvneME3J/T9MoFXWQg/3uQT5faNttJtVHV7k2U42cPbJByzcGOvBUsTgJjubzi0VjJocnk5SihbdJ7cM9Z91jAiw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "rQeRiKxdZbOo3Xdqg6c2hC8mZ0O03EZrJAvHwRzBmGZdfYgmAq+JAuYJTZ6GjY0v+pMqNZUyLkIQygvgT8EQ3aQ2vkbCxfrI59eF6uFR5io/OeOkoWtM6ovA80kNffoIp2PpxRdOKitB3irjd2Cd/caZJx9MEzMA2ykZa3NbllfJV/vKQ4d1wGOEeSfK8FX5XiPCVBcz/3MVHmc48C5l0+zLzFYnDKcO/jHhsxh/Ldo9Q990JNLOeS/4y7rPKOFUOJW8imuavQUoo9YYU8WWb6oiFWYdmXRzG3yrmTSbYVvTrAPoVG7LDs1shH6kkAid0YUE0DhPRO8LKA0WCOSMiA==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "KSMNn5ymo/2EmShpV9/CnuYGmAOGDIBCui7CtnviMpyVj/3roQW8hSjHzPRFLq8Up+ezBKYQVMkRvMUDIK1k/rcKyd4iM96XTSeDf7ZiYmNyXizfRGUsTUPB6VhpAKXp6hZrA0mbD9/acpomRW3PmtgIPC/hSV/xLHKxXxICH6tBPWhxaigwzdvObXq4lA6XQ98Lui/HUpkB0tBSko89YAqhvOPGQu0zk1saNKMvSoK+ObfBqQWBJjG0gdCJKLZj9V4YFM55wrOJNdXnBBH7wtHC3m5UIqbZVtnrA30BICSHfJukXXyz5j+zs2rzAgHGEqphR3LOSlx3QhMcDQPYYQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "uUj5Nmu6tZZGaEko31ZssOJL19qqPObHYI4UVODWI1BIBg8du5cdOhcbrU5Sc2mklv3jvKYmK6YtqJPAgsvI6k1zXlpZmBsTPTrdkuOuxtosWj6p/b0LcczeXiWOqBsY17aXUwri/qfpfTBTQ6XWWll8WUqJxths5DdB1Ok0MMy1vrYV5ryIOAIxL2DZ324HxjdzS3Dayxp+kJCHCcvv2XXl+TgD0TqhJHHfKQ7x1SBOBCnMxQ8ikI9qgE3khYj2Iz/cptVxN0EsupwYvuVeo++SG70hALagySvugr2S5og0Vf+gUcKTXXuuAO5b69X7zQhBnSq07ZsBY/a2qXw1mQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "YxS6bFe+dBKdGFqY6fSzO7pGhQ4HpJF8ZFzZVfVfO6ugh1zlcwwQlEe3AIZGKgPRVWaYSb0IIdy8ynYCvGyJXzMEyK87GEiO91WyANHm80K66vD/DVpAYY1043Y0rQnkw8RtqkQi0cRtaTsnhcLQe1bJc4Oc00j8qM9VdDoEuEFrWjQhNygS1n4rmyMacUKO5nciVEwpK6nWorRkFrpPwLZ9+lu1Yy5/Ys6hxt0OZLIi6ivATn+R8fg86hu2mTysAhMYE9XlUbj1K44ybUkx8zq5tQ+Z2KFC8MTfVazY9w1b2YxMYM3d0tEZH/j6it5WESb8XYEJQZULF+O5cw5fsg==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Qx4G0rXhuAC4TbclOqMQHTTPxonvgfd+PSx3l9aGMCP/ZlSwL8XUeZHPgJFPgXEeg1Wee4JFOWQVH84iXAinppOprwBtOOeFHgketzD+jUf3UqbvzjHm39gc4tfjGPe2FqMsT6i9hy0KV1GPUz/UEjPjeTSQXlixMo9WzqYpCWNyCYClp3CcFKi8NBPoL0nJZdqjxGQs+Dsy6tc5rmDMpl7SxuZ45c3PuuVCk0gwXvNBBDz0s/qC60h4Br2CajaIpPxcxzz7rtqRxzX5+AJgOER6JvpDU3rtbcOP0ruzNWnii1SG9jKf00bEKwfTBiLeubBS+PyLSyxCwCspV+p8sQ==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": null, + "generator": "Ag==", + "prime": "ueXoMKt5EQxJ/5GfvyMB0HJdemRV7dSCzKy1qgZE6GTrxc46aJhg7ZUDu5p3iYd+Po4W15oHR1zNhXX3WeiFcKXn9fGuDRgaPI3zqFaV8JT3xiF8dW5TJuucNaYsk7lOhXl4HS+pfmKiDr7PljAcq2Hg+lByUO/MYTX3jruxlhePjU+bmNADy+N0Rumx1aGOU7Jny45nvCVgdFG3UqOD6iHxL7manSi+6TqKmv0Jp0TqJqXEvB5or4PdaSCTdN7gKKGwNzG4PYrkPAS+0TWMyO9FwV9hi6o3DajIK5jprtgxOpJXBszsUH4J9uV5WakHuzHzp8nUTIiL+FDW5b7hYw==", + "public_bytes": "Bm33b9Mvue0f+ZDwNgGBOZBcT8lMzd8Nw4AgWpDNpBvFqz52/zgJVpmu/qFvdEopWuJ89hGJX4Wzw0k6DmFwkDP4I/tcwidVfE2tnmfP72y+0kPm7oInhxO2TVprb70ATlSVui1MzIzzK6CVaPEJD+SeXGHLqOqPU1tnOeae47UFotuRA3FkcynNBz8788d9jMN99ONHDrLkQAIaeMGeY3+fThAH1fryZgJQ6nKVIdDy/7KeFpSKq1hO4t8hRKe86fKkvwSx9qwsYyUjef1BrjTN+i3ZNDfqS+eC/DNmOH4om9uksgnR8iGjgOzPC8JAqY+RhmlRETgwR4pamHg6Jw==", + "size": 2048, + "type_name": "DH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "wrong.host.badssl.com", + "http_proxy_settings": null, + "ip_address": "104.154.89.105", + "port": 443 + }, + "uuid": "fd8bffb6-f788-46ef-8956-cc71c5d28dd9" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/sslyze/parser/__testFiles__/www.securecodebox.io.json b/scanners/sslyze/parser/__testFiles__/www.securecodebox.io.json index be78922fa6..7c18942032 100644 --- a/scanners/sslyze/parser/__testFiles__/www.securecodebox.io.json +++ b/scanners/sslyze/parser/__testFiles__/www.securecodebox.io.json @@ -1,6063 +1,6042 @@ { - "date_scans_completed": "2021-12-22T13:07:17.614702", - "date_scans_started": "2021-12-22T13:07:03.729194", - "server_scan_results": [ - { - "connectivity_error_trace": null, - "connectivity_result": { - "cipher_suite_supported": "TLS_AES_256_GCM_SHA384", - "client_auth_requirement": "DISABLED", - "highest_tls_version_supported": "TLS_1_3", - "supports_ecdh_key_exchange": true - }, - "connectivity_status": "COMPLETED", - "network_configuration": { - "network_max_retries": 3, - "network_timeout": 5, - "tls_client_auth_credentials": null, - "tls_opportunistic_encryption": null, - "tls_server_name_indication": "www.securecodebox.io", - "xmpp_to_hostname": null - }, - "scan_result": { - "certificate_info": { - "error_reason": null, - "error_trace": null, - "result": { - "certificate_deployments": [ - { - "leaf_certificate_has_must_staple_extension": false, - "leaf_certificate_is_ev": false, - "leaf_certificate_signed_certificate_timestamps_count": 2, - "leaf_certificate_subject_matches_hostname": true, - "ocsp_response": { - "certificate_status": "GOOD", - "next_update": "2021-12-26T04:59:58", - "produced_at": "2021-12-19T05:56:00", - "response_status": "SUCCESSFUL", - "revocation_time": null, - "serial_number": 392005520187502488709701634685005369415544, - "this_update": "2021-12-19T05:00:00" - }, - "ocsp_response_is_trusted": true, - "path_validation_results": [ - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Android", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", - "version": "12.0.0_r3" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Apple", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", - "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Java", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", - "version": "jdk-13.0.2" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": [ - { - "dotted_string": "1.2.276.0.44.1.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.392.200091.100.721.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.40.0.17.1.22", - "name": "Unknown OID" - }, - { - "dotted_string": "1.2.616.1.113527.2.5.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.159.1.17.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14370.1.6", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.14777.6.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.23223.1.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.29836.1.10", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.34697.2.4", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.36305.2", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4146.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.4788.2.202.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6334.1.100.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.7879.13.24.1", - "name": "Unknown OID" - }, - { - "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.156.112554.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.528.1.1003.1.2.7", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.578.1.26.1.3.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.83.21.0", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.756.1.89.1.2.1.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.3.1.1.5", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.792.3.0.4.1.1.4", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.23.6", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.113733.1.7.48.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114028.10.1.2", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114171.500.9", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114404.1.1.2.4.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114412.2.1", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114413.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.23.3", - "name": "Unknown OID" - }, - { - "dotted_string": "2.16.840.1.114414.1.7.24.3", - "name": "Unknown OID" - } - ], - "name": "Mozilla", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - }, - { - "openssl_error_string": null, - "trust_store": { - "ev_oids": null, - "name": "Windows", - "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", - "version": "2021-09-25" - }, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "was_validation_successful": true - } - ], - "received_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC\nov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL\nwYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D\nLtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK\n4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5\nbHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y\nsR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ\nXmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4\nFQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc\nSLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql\nPRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND\nTwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\nSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1\nc3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx\n+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB\nATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu\nb3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E\nU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu\nMA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC\n5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW\n9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG\nWCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O\nhe8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "kzxt3ulcnEGkD59QST2CvgOth78=", - "fingerprint_sha256": "bZn7Jl6xxbN0R2X8vGSPPNjhv/r9xML5m51Hz3/xwk8=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Digital Signature Trust Co.", - "value": "Digital Signature Trust Co." - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=DST Root CA X3", - "value": "DST Root CA X3" - } - ], - "rfc4514_string": "CN=DST Root CA X3,O=Digital Signature Trust Co." - }, - "not_valid_after": "2024-09-30T18:14:03", - "not_valid_before": "2021-01-20T19:14:03", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 85078200265644417569109389142156118711, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "received_chain_contains_anchor_certificate": false, - "received_chain_has_valid_order": true, - "verified_certificate_chain": [ - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", - "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", - "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "not_valid_after": "2022-02-22T04:42:41", - "not_valid_before": "2021-11-24T04:42:42", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 - }, - "serial_number": 392005520187502488709701634685005369415544, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=www.securecodebox.io", - "value": "www.securecodebox.io" - } - ], - "rfc4514_string": "CN=www.securecodebox.io" - }, - "subject_alternative_name": { - "dns": [ - "securecodebox.io", - "www.securecodebox.io" - ] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", - "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", - "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2025-09-15T16:00:00", - "not_valid_before": "2020-09-04T00:00:00", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 2048, - "rsa_e": 65537, - "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 - }, - "serial_number": 192961496339968674994309121183282847578, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Let's Encrypt", - "value": "Let's Encrypt" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=R3", - "value": "R3" - } - ], - "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - }, - { - "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", - "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", - "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", - "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", - "issuer": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "not_valid_after": "2035-06-04T11:04:38", - "not_valid_before": "2015-06-04T11:04:38", - "public_key": { - "algorithm": "_RSAPublicKey", - "ec_curve_name": null, - "ec_x": null, - "ec_y": null, - "key_size": 4096, - "rsa_e": 65537, - "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 - }, - "serial_number": 172886928669790476064670243504169061120, - "signature_algorithm_oid": { - "dotted_string": "1.2.840.113549.1.1.11", - "name": "sha256WithRSAEncryption" - }, - "signature_hash_algorithm": { - "digest_size": 32, - "name": "sha256" - }, - "subject": { - "attributes": [ - { - "oid": { - "dotted_string": "2.5.4.6", - "name": "countryName" - }, - "rfc4514_string": "C=US", - "value": "US" - }, - { - "oid": { - "dotted_string": "2.5.4.10", - "name": "organizationName" - }, - "rfc4514_string": "O=Internet Security Research Group", - "value": "Internet Security Research Group" - }, - { - "oid": { - "dotted_string": "2.5.4.3", - "name": "commonName" - }, - "rfc4514_string": "CN=ISRG Root X1", - "value": "ISRG Root X1" - } - ], - "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" - }, - "subject_alternative_name": { - "dns": [] - } - } - ], - "verified_chain_has_legacy_symantec_anchor": false, - "verified_chain_has_sha1_signature": false + "date_scans_completed": "2021-12-22T13:07:17.614702", + "date_scans_started": "2021-12-22T13:07:03.729194", + "server_scan_results": [ + { + "connectivity_error_trace": null, + "connectivity_result": { + "cipher_suite_supported": "TLS_AES_256_GCM_SHA384", + "client_auth_requirement": "DISABLED", + "highest_tls_version_supported": "TLS_1_3", + "supports_ecdh_key_exchange": true + }, + "connectivity_status": "COMPLETED", + "network_configuration": { + "network_max_retries": 3, + "network_timeout": 5, + "tls_client_auth_credentials": null, + "tls_opportunistic_encryption": null, + "tls_server_name_indication": "www.securecodebox.io", + "xmpp_to_hostname": null + }, + "scan_result": { + "certificate_info": { + "error_reason": null, + "error_trace": null, + "result": { + "certificate_deployments": [ + { + "leaf_certificate_has_must_staple_extension": false, + "leaf_certificate_is_ev": false, + "leaf_certificate_signed_certificate_timestamps_count": 2, + "leaf_certificate_subject_matches_hostname": true, + "ocsp_response": { + "certificate_status": "GOOD", + "next_update": "2021-12-26T04:59:58", + "produced_at": "2021-12-19T05:56:00", + "response_status": "SUCCESSFUL", + "revocation_time": null, + "serial_number": 392005520187502488709701634685005369415544, + "this_update": "2021-12-19T05:00:00" + }, + "ocsp_response_is_trusted": true, + "path_validation_results": [ + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Android", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/google_aosp.pem", + "version": "12.0.0_r3" + }, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" } - ], - "hostname_used_for_server_name_indication": "www.securecodebox.io" + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Apple", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/apple.pem", + "version": "iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8" }, - "status": "COMPLETED" - }, - "elliptic_curves": { - "error_reason": null, - "error_trace": null, - "result": { - "rejected_curves": [ - { - "name": "X448", - "openssl_nid": 1035 - }, - { - "name": "prime192v1", - "openssl_nid": 409 - }, - { - "name": "secp160k1", - "openssl_nid": 708 - }, - { - "name": "secp160r1", - "openssl_nid": 709 - }, - { - "name": "secp160r2", - "openssl_nid": 710 - }, - { - "name": "secp192k1", - "openssl_nid": 711 - }, - { - "name": "secp224k1", - "openssl_nid": 712 - }, - { - "name": "secp224r1", - "openssl_nid": 713 - }, - { - "name": "secp256k1", - "openssl_nid": 714 - }, - { - "name": "secp384r1", - "openssl_nid": 715 - }, - { - "name": "secp521r1", - "openssl_nid": 716 - }, - { - "name": "sect163k1", - "openssl_nid": 721 - }, - { - "name": "sect163r1", - "openssl_nid": 722 - }, - { - "name": "sect163r2", - "openssl_nid": 723 - }, - { - "name": "sect193r1", - "openssl_nid": 724 - }, - { - "name": "sect193r2", - "openssl_nid": 725 - }, - { - "name": "sect233k1", - "openssl_nid": 726 - }, - { - "name": "sect233r1", - "openssl_nid": 727 - }, - { - "name": "sect239k1", - "openssl_nid": 728 - }, - { - "name": "sect283k1", - "openssl_nid": 729 - }, - { - "name": "sect283r1", - "openssl_nid": 730 - }, - { - "name": "sect409k1", - "openssl_nid": 731 - }, - { - "name": "sect409r1", - "openssl_nid": 732 - }, - { - "name": "sect571k1", - "openssl_nid": 733 - }, - { - "name": "sect571r1", - "openssl_nid": 734 + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" } - ], - "supported_curves": [ - { - "name": "X25519", - "openssl_nid": 1034 - }, - { - "name": "prime256v1", - "openssl_nid": 415 + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" } - ], - "supports_ecdh_key_exchange": true + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Java", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/oracle_java.pem", + "version": "jdk-13.0.2" }, - "status": "COMPLETED" - }, - "heartbleed": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_heartbleed": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": [ + { + "dotted_string": "1.2.276.0.44.1.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.392.200091.100.721.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.40.0.17.1.22", + "name": "Unknown OID" + }, + { + "dotted_string": "1.2.616.1.113527.2.5.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.159.1.17.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.13177.10.1.3.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14370.1.6", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.14777.6.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.14.2.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.17326.10.8.12.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.22234.2.5.2.3.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.23223.1.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.29836.1.10", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.34697.2.4", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.36305.2", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.40869.1.1.22.3", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4146.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.4788.2.202.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6334.1.100.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.6449.1.2.1.5.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.782.1.2.1.8.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.7879.13.24.1", + "name": "Unknown OID" + }, + { + "dotted_string": "1.3.6.1.4.1.8024.0.2.100.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.156.112554.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.528.1.1003.1.2.7", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.578.1.26.1.3.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.83.21.0", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.756.1.89.1.2.1.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.3.1.1.5", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.792.3.0.4.1.1.4", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.23.6", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.113733.1.7.48.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114028.10.1.2", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114171.500.9", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114404.1.1.2.4.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114412.2.1", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114413.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.23.3", + "name": "Unknown OID" + }, + { + "dotted_string": "2.16.840.1.114414.1.7.24.3", + "name": "Unknown OID" + } + ], + "name": "Mozilla", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/mozilla_nss.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "http_headers": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "openssl_ccs_injection": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_ccs_injection": false + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + }, + { + "openssl_error_string": null, + "trust_store": { + "ev_oids": null, + "name": "Windows", + "path": "/home/ilyesbd/Projects/secureCodeBox/sslyze_versions/sslyze-5.0.0/sslyze/plugins/certificate_info/trust_stores/pem_files/microsoft_windows.pem", + "version": "2021-09-25" }, - "status": "COMPLETED" - }, - "robot": { - "error_reason": null, - "error_trace": null, - "result": { - "robot_result": "NOT_VULNERABLE_NO_ORACLE" + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "was_validation_successful": true + } + ], + "received_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" }, - "status": "COMPLETED" - }, - "session_renegotiation": { - "error_reason": null, - "error_trace": null, - "result": { - "is_vulnerable_to_client_renegotiation_dos": false, - "supports_secure_renegotiation": true + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 }, - "status": "COMPLETED" - }, - "session_resumption": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "ssl_2_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC4_128_WITH_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_RC2_128_CBC_WITH_MD5", - "openssl_name": "RC2-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", - "openssl_name": "IDEA-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "SSL_CK_DES_64_CBC_WITH_MD5", - "openssl_name": "DES-CBC-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", - "openssl_name": "DES-CBC3-MD5" - }, - "error_message": "Server interrupted the TLS handshake" - } - ], - "tls_version_used": "SSL_2_0" + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" }, - "status": "COMPLETED" - }, - "ssl_3_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "SSL_3_0" + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" - }, - "tls_1_0_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - } - ], - "tls_version_used": "TLS_1_0" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" }, - "status": "COMPLETED" - }, - "tls_1_1_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [], - "is_tls_version_supported": false, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: protocol version " - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: protocol version " - } - ], - "tls_version_used": "TLS_1_1" + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB\nAQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC\nov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL\nwYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D\nLtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK\n4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5\nbHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y\nsR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ\nXmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4\nFQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc\nSLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql\nPRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND\nTwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\nSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1\nc3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx\n+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB\nATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu\nb3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E\nU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu\nMA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC\n5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW\n9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG\nWCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O\nhe8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC\nDfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "kzxt3ulcnEGkD59QST2CvgOth78=", + "fingerprint_sha256": "bZn7Jl6xxbN0R2X8vGSPPNjhv/r9xML5m51Hz3/xwk8=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Digital Signature Trust Co.", + "value": "Digital Signature Trust Co." + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=DST Root CA X3", + "value": "DST Root CA X3" + } + ], + "rfc4514_string": "CN=DST Root CA X3,O=Digital Signature Trust Co." + }, + "not_valid_after": "2024-09-30T18:14:03", + "not_valid_before": "2021-01-20T19:14:03", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 85078200265644417569109389142156118711, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "received_chain_contains_anchor_certificate": false, + "received_chain_has_valid_order": true, + "verified_certificate_chain": [ + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFQDCCBCigAwIBAgISBIAALPgr8wS6fLmUy7/XQ5d4MA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTExMjQwNDQyNDJaFw0yMjAyMjIwNDQyNDFaMB8xHTAbBgNVBAMT\nFHd3dy5zZWN1cmVjb2RlYm94LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAq8cbDO3GAfjqqbPPCBdPost8NMRmEubv85gXecll7mZMH5qSfTPuB/ou\nFWL3tPMf1U8usWeoSUK/48yatzBGwmj1KKlkaW9MS2QkydztRp+kH8LvbzbQvGkn\nuOLWGHBALLT17o/3DYxuA5LnXdY+vLvJWygQoFr2N/XhnhUjcm6OaQEJpIykydfb\nBQGQSEuQIIw4egpgdHkYJjCOYAsXuSSggN8/FADTCec0RzVjfFTSoJ3hV9HLE9M8\nMCSXjuo0AJ/MbAxq91S8XmDcRjHCCd7Zw+NjHo8cxZCQ6NqGvn3xwx8ahmmbC+Cy\nDEcIyJJZK2Yv+qE4oS8QZfaX/RaHMwIDAQABo4ICYTCCAl0wDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA\nMB0GA1UdDgQWBBRjThWFVlqklALCFkKkpZeaOAJXlzAfBgNVHSMEGDAWgBQULrMX\nt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu\nY3Iub3JnLzAxBgNVHREEKjAoghBzZWN1cmVjb2RlYm94LmlvghR3d3cuc2VjdXJl\nY29kZWJveC5pbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo\nMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG\nAQQB1nkCBAIEgfUEgfIA8AB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw\n/m1HAAABfVB3t9gAAAQDAEcwRQIgbHJlvE5I/0ALsu917bfb+h24zU7ktWhAmah1\n4vrHlx8CIQDhvR54pgh45Y5qHSuPjS9YUhzvXShtT1mc3tMyAfEiSwB2AN+lXqto\ngk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABfVB3uxMAAAQDAEcwRQIgZeHp\nbawSJPKvC17EYx/IgcCrSXCVqHFBuBUlH7rVGy0CIQDwV985dVXua4vNvv/cW7N+\ntikFedVGTYNcu7TZbRF+EzANBgkqhkiG9w0BAQsFAAOCAQEAhix/Azs1jsaXWI0W\n5innmbFCRvc9arGuKKRyeyljVadzmTaDLSR72CCX7SnXOp3A2ghTeuRAKTryeQbK\nAxML1sdJzKoh05osmJVlw6Lyu80NICqMOWNzaJyvMwKi1tP0FmAXXwsPvFLCU/TB\nY0XdGTZYVSTWHKt6O5Mez63EnMtAx+zMHouNjNBd11T40PpH6YWJg/tzaoVCABAk\nep1ujVuvLBwgztwBHmp+KTUX4O/VjQS5u/+nPZHYfVb+aqdeqcSgLL0cDx62xx/C\nItdbSpSCoKiHM4x5+yqrL1MBUswbhz0SOtAbrboj+x6Shiu4QJmtfs7kERYcfyy5\n/L5dpw==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "wFfmw+HnmK3qYoMe0lyRww2Xh6E=", + "fingerprint_sha256": "A12epuoC0CC34kGoFcWan/Y1T/sV6FE/JxbypS6ZkiM=", + "hpkp_pin": "tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "not_valid_after": "2022-02-22T04:42:41", + "not_valid_before": "2021-11-24T04:42:42", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 21684932812432339646485683289655448296763540159596927263572843107755452821772205858541782411956564211973624337617207176622427042211013286642959366491304222944727866775172072982367814387353074518963001766468903543469337743825150329977113528125897698254486215006583088920422238693934709511770745506935307541283380282216423639407749721171137985135319637461835549367631299935702939510878201137001564437372006570938688782647412537759804896865989512853861860648627621268112490228810625334887949996480090147872368112925042345727211662765214683746309439757755278105132904504583883278031982199528718312111745903516814279083827 + }, + "serial_number": 392005520187502488709701634685005369415544, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" }, - "status": "COMPLETED" + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=www.securecodebox.io", + "value": "www.securecodebox.io" + } + ], + "rfc4514_string": "CN=www.securecodebox.io" + }, + "subject_alternative_name": { + "dns": ["securecodebox.io", "www.securecodebox.io"] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\nWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\nR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\nsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\nNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\nZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\nAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\nFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\nAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\nOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\ngt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\nPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\nikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\nCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\nlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\navAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\nyJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\nyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\nhCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\nHlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\nMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\nnLRbwHOoq7hHwg==\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "oFM3W/6E6LdIeCx87hWCemr1pAU=", + "fingerprint_sha256": "Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=", + "hpkp_pin": "jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2025-09-15T16:00:00", + "not_valid_before": "2020-09-04T00:00:00", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 2048, + "rsa_e": 65537, + "rsa_n": 23607590023527405233483514815960094733025362836439268915823566209453533788829410729612693188664033965601284889382200672291623712219351579442466292134025779170871903029675641332227720513370499414392174777629378433333281492782006644003508406669842374574620445942041275265465205367002253387972103578862358103547035353751037986892891938939537013712276962031758303128178118156019997818459064793797705051611931042977322694991611263911077235433119719504206173897534215486225391156231168313218127765624386188467360149426877213161912342004781300247624712380387337803861727744706241919394251136381590874774264144198228326996757 + }, + "serial_number": 192961496339968674994309121183282847578, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Let's Encrypt", + "value": "Let's Encrypt" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=R3", + "value": "R3" + } + ], + "rfc4514_string": "CN=R3,O=Let's Encrypt,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + }, + { + "as_pem": "-----BEGIN CERTIFICATE-----\nMIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\nWhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\nZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\nMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\nh77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+\n0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\nA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\nT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH\nB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\nB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\nKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\nOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\njh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\nqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI\nrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV\nHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\nhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL\nubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\n3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK\nNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\nORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\nTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\njNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\noyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq\n4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA\nmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\nemyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=\n-----END CERTIFICATE-----\n", + "fingerprint_sha1": "yr0qeaEHajHyHSU2NcsDnUMppeg=", + "fingerprint_sha256": "lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=", + "hpkp_pin": "C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=", + "issuer": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "not_valid_after": "2035-06-04T11:04:38", + "not_valid_before": "2015-06-04T11:04:38", + "public_key": { + "algorithm": "_RSAPublicKey", + "ec_curve_name": null, + "ec_x": null, + "ec_y": null, + "key_size": 4096, + "rsa_e": 65537, + "rsa_n": 709477870415445373015359016562426660610553770685944520893298396600226760899977879191004898543350831842119174188613678136510262472550532722234131754439181090009824131001234702144200501816519311599904090606194984753842587622398776018408050245574116028550608708896478977104703101364577377554823893350339376892984086676842821506637376561471221178677513035811884589888230947855482554780924844280661412982827405878164907670403886160896655313460186264922042760067692235383478494519985672059698752915965998412445946254227413232257276525240006651483130792248112417425846451951438781260632137645358927568158361961710185115502577127010922344394993078948994750404287047493247048147066090211292167313905862438457453781042040498702821432013765502024105065778257759178356925494156447570322373310256999609083201778278588599854706241788119448943034477370959349516873162063461521707809689839710972753590949570167489887658749686740890549110678989462474318310617765270337415238713770800711236563610171101328052424145478220993016515262478543813796899677215192789612682845145008993144513547444131126029557147570005369943143213525671105288817016183804256755470528641042403865830064493168693765438364296560479053823886598989258655438933191724193029337334607 + }, + "serial_number": 172886928669790476064670243504169061120, + "signature_algorithm_oid": { + "dotted_string": "1.2.840.113549.1.1.11", + "name": "sha256WithRSAEncryption" + }, + "signature_hash_algorithm": { + "digest_size": 32, + "name": "sha256" + }, + "subject": { + "attributes": [ + { + "oid": { + "dotted_string": "2.5.4.6", + "name": "countryName" + }, + "rfc4514_string": "C=US", + "value": "US" + }, + { + "oid": { + "dotted_string": "2.5.4.10", + "name": "organizationName" + }, + "rfc4514_string": "O=Internet Security Research Group", + "value": "Internet Security Research Group" + }, + { + "oid": { + "dotted_string": "2.5.4.3", + "name": "commonName" + }, + "rfc4514_string": "CN=ISRG Root X1", + "value": "ISRG Root X1" + } + ], + "rfc4514_string": "CN=ISRG Root X1,O=Internet Security Research Group,C=US" + }, + "subject_alternative_name": { + "dns": [] + } + } + ], + "verified_chain_has_legacy_symantec_anchor": false, + "verified_chain_has_sha1_signature": false + } + ], + "hostname_used_for_server_name_indication": "www.securecodebox.io" + }, + "status": "COMPLETED" + }, + "elliptic_curves": { + "error_reason": null, + "error_trace": null, + "result": { + "rejected_curves": [ + { + "name": "X448", + "openssl_nid": 1035 + }, + { + "name": "prime192v1", + "openssl_nid": 409 + }, + { + "name": "secp160k1", + "openssl_nid": 708 + }, + { + "name": "secp160r1", + "openssl_nid": 709 + }, + { + "name": "secp160r2", + "openssl_nid": 710 + }, + { + "name": "secp192k1", + "openssl_nid": 711 + }, + { + "name": "secp224k1", + "openssl_nid": 712 + }, + { + "name": "secp224r1", + "openssl_nid": 713 + }, + { + "name": "secp256k1", + "openssl_nid": 714 + }, + { + "name": "secp384r1", + "openssl_nid": 715 + }, + { + "name": "secp521r1", + "openssl_nid": 716 + }, + { + "name": "sect163k1", + "openssl_nid": 721 + }, + { + "name": "sect163r1", + "openssl_nid": 722 + }, + { + "name": "sect163r2", + "openssl_nid": 723 + }, + { + "name": "sect193r1", + "openssl_nid": 724 + }, + { + "name": "sect193r2", + "openssl_nid": 725 + }, + { + "name": "sect233k1", + "openssl_nid": 726 + }, + { + "name": "sect233r1", + "openssl_nid": 727 + }, + { + "name": "sect239k1", + "openssl_nid": 728 + }, + { + "name": "sect283k1", + "openssl_nid": 729 + }, + { + "name": "sect283r1", + "openssl_nid": 730 + }, + { + "name": "sect409k1", + "openssl_nid": 731 + }, + { + "name": "sect409r1", + "openssl_nid": 732 + }, + { + "name": "sect571k1", + "openssl_nid": 733 + }, + { + "name": "sect571r1", + "openssl_nid": 734 + } + ], + "supported_curves": [ + { + "name": "X25519", + "openssl_nid": 1034 + }, + { + "name": "prime256v1", + "openssl_nid": 415 + } + ], + "supports_ecdh_key_exchange": true + }, + "status": "COMPLETED" + }, + "heartbleed": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_heartbleed": false + }, + "status": "COMPLETED" + }, + "http_headers": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "openssl_ccs_injection": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_ccs_injection": false + }, + "status": "COMPLETED" + }, + "robot": { + "error_reason": null, + "error_trace": null, + "result": { + "robot_result": "NOT_VULNERABLE_NO_ORACLE" + }, + "status": "COMPLETED" + }, + "session_renegotiation": { + "error_reason": null, + "error_trace": null, + "result": { + "is_vulnerable_to_client_renegotiation_dos": false, + "supports_secure_renegotiation": true + }, + "status": "COMPLETED" + }, + "session_resumption": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "ssl_2_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC4_128_WITH_MD5", + "openssl_name": "RC4-MD5" }, - "tls_1_2_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "AES256-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "AES128-GCM-SHA256" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "AES128-SHA" - }, - "ephemeral_key": null - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "h8VuexahBu78ann8hCGlwiGQdI2TcHP6a51ypQWEBCM=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLspe3y+HbSvfTb3LESjU0w86X5kbp9rMnTG9AuITIBBbmEF2e/s+rnd/I0LglLnZJ01uVooaB8D0cYcS0B5UKw=", - "size": 256, - "type_name": "ECDH", - "x": "uyl7fL4dtK99NvcsRKNTTDzpfmRun2sydMb0C4hMgEE=", - "y": "bmEF2e/s+rnd/I0LglLnZJ01uVooaB8D0cYcS0B5UKw=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-AES256-SHA384" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BGF9qG/DQcrc9OHGBVPD3lgzC15mmWrN5AUk7L+x4GPFT684Zl/wGst7tQIX5/mOBmBLwbl4aVpLIzSW1YU+18A=", - "size": 256, - "type_name": "ECDH", - "x": "YX2ob8NBytz04cYFU8PeWDMLXmaZas3kBSTsv7HgY8U=", - "y": "T684Zl/wGst7tQIX5/mOBmBLwbl4aVpLIzSW1YU+18A=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES256-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BE08C7xiyNZhOlpmRyoTWWkGzpN/FXBtkBHbFkLD00rD5ijJ2wiH4/SJdsTi6ntsZMHwMdmSXsnw4PlRbvqFii8=", - "size": 256, - "type_name": "ECDH", - "x": "TTwLvGLI1mE6WmZHKhNZaQbOk38VcG2QEdsWQsPTSsM=", - "y": "5ijJ2wiH4/SJdsTi6ntsZMHwMdmSXsnw4PlRbvqFii8=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BPQnevRwNXphTYd2CwJeeUnA7jjeOeV/cfwLCzhGtA3xRWFDNGIE0TbLwmQC11eBhjiJ1GV6aJh2Zm3Iak8uxx0=", - "size": 256, - "type_name": "ECDH", - "x": "9Cd69HA1emFNh3YLAl55ScDuON455X9x/AsLOEa0DfE=", - "y": "RWFDNGIE0TbLwmQC11eBhjiJ1GV6aJh2Zm3Iak8uxx0=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-AES128-SHA256" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLv/tReHKS5xtv5QmxRS2nvpte3cNsK6PoMOzpWSiVy9r3hNETz4FCe8FyQzfSwQLLCmetxFgYdFtWI6kAou+Xc=", - "size": 256, - "type_name": "ECDH", - "x": "u/+1F4cpLnG2/lCbFFLae+m17dw2wro+gw7OlZKJXL0=", - "y": "r3hNETz4FCe8FyQzfSwQLLCmetxFgYdFtWI6kAou+Xc=" - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-RSA-AES128-SHA" - }, - "ephemeral_key": { - "curve_name": "prime256v1", - "generator": null, - "prime": null, - "public_bytes": "BLMQ4XD+ZujfnKvIRSlQMPHLL2VwWm9psGyH3SZdC6aRkuaJVATP2vu3FIVeXaluzL/TOFCT7M4BicgEatmjT8s=", - "size": 256, - "type_name": "ECDH", - "x": "sxDhcP5m6N+cq8hFKVAw8csvZXBab2mwbIfdJl0LppE=", - "y": "kuaJVATP2vu3FIVeXaluzL/TOFCT7M4BicgEatmjT8s=" - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_SHA", - "openssl_name": "RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_RC4_128_MD5", - "openssl_name": "RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA256", - "openssl_name": "NULL-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_SHA", - "openssl_name": "NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_RSA_WITH_NULL_MD5", - "openssl_name": "NULL-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_IDEA_CBC_SHA", - "openssl_name": "IDEA-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_256_CCM_8", - "openssl_name": "AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CCM", - "openssl_name": "AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM_8", - "openssl_name": "AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CCM", - "openssl_name": "AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", - "openssl_name": "EXP-RC2-CBC-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", - "openssl_name": "AECDH-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 0, - "name": "TLS_ECDH_anon_WITH_NULL_SHA", - "openssl_name": "AECDH-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "AECDH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "AECDH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "AECDH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_RSA_WITH_NULL_SHA", - "openssl_name": "ECDH-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-RSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDH-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDH-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDH-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDH-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDH-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-RSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-RSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "openssl_name": "ECDHE-ECDSA-RC4-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 0, - "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "openssl_name": "ECDHE-ECDSA-NULL-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", - "openssl_name": "ECDHE-ECDSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "openssl_name": "ECDHE-ECDSA-AES256-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", - "openssl_name": "ECDHE-ECDSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", - "openssl_name": "ECDHE-ECDSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "ECDHE-ECDSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", - "openssl_name": "ADH-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_RC4_128_MD5", - "openssl_name": "ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 56, - "name": "TLS_DH_anon_WITH_DES_CBC_SHA", - "openssl_name": "ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "ADH-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "ADH-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", - "openssl_name": "ADH-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - "openssl_name": "ADH-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 256, - "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", - "openssl_name": "ADH-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", - "openssl_name": "ADH-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - "openssl_name": "ADH-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 128, - "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", - "openssl_name": "ADH-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 168, - "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "ADH-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", - "openssl_name": "EXP-ADH-RC4-MD5" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": true, - "key_size": 40, - "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-ADH-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DH-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DH-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DH-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DH-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DH-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DH-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DH-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DH-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DH-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-RSA-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", - "openssl_name": "EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "openssl_name": "DHE-RSA-CHACHA20-POLY1305" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-RSA-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-RSA-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", - "openssl_name": "DHE-RSA-AES256-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CCM", - "openssl_name": "DHE-RSA-AES256-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-RSA-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-RSA-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-RSA-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", - "openssl_name": "DHE-RSA-AES128-CCM8" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CCM", - "openssl_name": "DHE-RSA-AES128-CCM" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-RSA-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-RSA-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "DHE-RSA-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", - "openssl_name": "DHE-DSS-SEED-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 56, - "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", - "openssl_name": "DHE-DSS-CAMELLIA128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", - "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", - "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", - "openssl_name": "DHE-DSS-AES256-GCM-SHA384" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - "openssl_name": "DHE-DSS-AES256-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", - "openssl_name": "DHE-DSS-AES256-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", - "openssl_name": "DHE-DSS-AES128-GCM-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - "openssl_name": "DHE-DSS-AES128-SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "openssl_name": "DHE-DSS-AES128-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 168, - "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", - "openssl_name": "EDH-DSS-DES-CBC3-SHA" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 40, - "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_2" - }, - "status": "COMPLETED" + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC4_128_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_RC2_128_CBC_WITH_MD5", + "openssl_name": "RC2-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "SSL_CK_IDEA_128_CBC_WITH_MD5", + "openssl_name": "IDEA-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "SSL_CK_DES_64_CBC_WITH_MD5", + "openssl_name": "DES-CBC-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5", + "openssl_name": "DES-CBC3-MD5" + }, + "error_message": "Server interrupted the TLS handshake" + } + ], + "tls_version_used": "SSL_2_0" + }, + "status": "COMPLETED" + }, + "ssl_3_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "SSL_3_0" + }, + "status": "COMPLETED" + }, + "tls_1_0_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + } + ], + "tls_version_used": "TLS_1_0" + }, + "status": "COMPLETED" + }, + "tls_1_1_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [], + "is_tls_version_supported": false, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" }, - "tls_1_3_cipher_suites": { - "error_reason": null, - "error_trace": null, - "result": { - "accepted_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_CHACHA20_POLY1305_SHA256", - "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "RvAIC+XwgKQ58oRGdsSH9H8Gp+IZ2VDGvEl+aHUZlhw=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 256, - "name": "TLS_AES_256_GCM_SHA384", - "openssl_name": "TLS_AES_256_GCM_SHA384" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "kgN9wmQK1bNLXBVimvUOVibB/zu4B9NBiC69iPxhNFI=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_GCM_SHA256", - "openssl_name": "TLS_AES_128_GCM_SHA256" - }, - "ephemeral_key": { - "curve_name": "X25519", - "generator": null, - "prime": null, - "public_bytes": "tcgk09F3j+/pIgAs0v7SjHGrCqit5LPW/GtltKyg7z4=", - "size": 253, - "type_name": "ECDH", - "x": null, - "y": null - } - } - ], - "is_tls_version_supported": true, - "rejected_cipher_suites": [ - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_SHA256", - "openssl_name": "TLS_AES_128_CCM_SHA256" - }, - "error_message": "TLS alert: handshake failure" - }, - { - "cipher_suite": { - "is_anonymous": false, - "key_size": 128, - "name": "TLS_AES_128_CCM_8_SHA256", - "openssl_name": "TLS_AES_128_CCM_8_SHA256" - }, - "error_message": "TLS alert: handshake failure" - } - ], - "tls_version_used": "TLS_1_3" - }, - "status": "COMPLETED" - }, - "tls_1_3_early_data": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" - }, - "tls_compression": { - "error_reason": null, - "error_trace": null, - "result": { - "supports_compression": false - }, - "status": "COMPLETED" + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: protocol version " + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: protocol version " + } + ], + "tls_version_used": "TLS_1_1" + }, + "status": "COMPLETED" + }, + "tls_1_2_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "AES256-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "AES128-GCM-SHA256" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "AES128-SHA" + }, + "ephemeral_key": null + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-RSA-CHACHA20-POLY1305" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "h8VuexahBu78ann8hCGlwiGQdI2TcHP6a51ypQWEBCM=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-RSA-AES256-GCM-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLspe3y+HbSvfTb3LESjU0w86X5kbp9rMnTG9AuITIBBbmEF2e/s+rnd/I0LglLnZJ01uVooaB8D0cYcS0B5UKw=", + "size": 256, + "type_name": "ECDH", + "x": "uyl7fL4dtK99NvcsRKNTTDzpfmRun2sydMb0C4hMgEE=", + "y": "bmEF2e/s+rnd/I0LglLnZJ01uVooaB8D0cYcS0B5UKw=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-AES256-SHA384" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BGF9qG/DQcrc9OHGBVPD3lgzC15mmWrN5AUk7L+x4GPFT684Zl/wGst7tQIX5/mOBmBLwbl4aVpLIzSW1YU+18A=", + "size": 256, + "type_name": "ECDH", + "x": "YX2ob8NBytz04cYFU8PeWDMLXmaZas3kBSTsv7HgY8U=", + "y": "T684Zl/wGst7tQIX5/mOBmBLwbl4aVpLIzSW1YU+18A=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES256-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BE08C7xiyNZhOlpmRyoTWWkGzpN/FXBtkBHbFkLD00rD5ijJ2wiH4/SJdsTi6ntsZMHwMdmSXsnw4PlRbvqFii8=", + "size": 256, + "type_name": "ECDH", + "x": "TTwLvGLI1mE6WmZHKhNZaQbOk38VcG2QEdsWQsPTSsM=", + "y": "5ijJ2wiH4/SJdsTi6ntsZMHwMdmSXsnw4PlRbvqFii8=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-RSA-AES128-GCM-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BPQnevRwNXphTYd2CwJeeUnA7jjeOeV/cfwLCzhGtA3xRWFDNGIE0TbLwmQC11eBhjiJ1GV6aJh2Zm3Iak8uxx0=", + "size": 256, + "type_name": "ECDH", + "x": "9Cd69HA1emFNh3YLAl55ScDuON455X9x/AsLOEa0DfE=", + "y": "RWFDNGIE0TbLwmQC11eBhjiJ1GV6aJh2Zm3Iak8uxx0=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-AES128-SHA256" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLv/tReHKS5xtv5QmxRS2nvpte3cNsK6PoMOzpWSiVy9r3hNETz4FCe8FyQzfSwQLLCmetxFgYdFtWI6kAou+Xc=", + "size": 256, + "type_name": "ECDH", + "x": "u/+1F4cpLnG2/lCbFFLae+m17dw2wro+gw7OlZKJXL0=", + "y": "r3hNETz4FCe8FyQzfSwQLLCmetxFgYdFtWI6kAou+Xc=" + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-RSA-AES128-SHA" + }, + "ephemeral_key": { + "curve_name": "prime256v1", + "generator": null, + "prime": null, + "public_bytes": "BLMQ4XD+ZujfnKvIRSlQMPHLL2VwWm9psGyH3SZdC6aRkuaJVATP2vu3FIVeXaluzL/TOFCT7M4BicgEatmjT8s=", + "size": 256, + "type_name": "ECDH", + "x": "sxDhcP5m6N+cq8hFKVAw8csvZXBab2mwbIfdJl0LppE=", + "y": "kuaJVATP2vu3FIVeXaluzL/TOFCT7M4BicgEatmjT8s=" + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_SHA", + "openssl_name": "RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_RC4_128_MD5", + "openssl_name": "RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA256", + "openssl_name": "NULL-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_SHA", + "openssl_name": "NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_RSA_WITH_NULL_MD5", + "openssl_name": "NULL-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_IDEA_CBC_SHA", + "openssl_name": "IDEA-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "openssl_name": "AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CCM", + "openssl_name": "AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "openssl_name": "AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CCM", + "openssl_name": "AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + "openssl_name": "EXP-RC2-CBC-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-DES-CBC-SHA" }, - "tls_fallback_scsv": { - "error_reason": null, - "error_trace": null, - "result": null, - "status": "NOT_SCHEDULED" + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_RC4_128_SHA", + "openssl_name": "AECDH-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 0, + "name": "TLS_ECDH_anon_WITH_NULL_SHA", + "openssl_name": "AECDH-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "AECDH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "AECDH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "AECDH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_RSA_WITH_NULL_SHA", + "openssl_name": "ECDH-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-RSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDH-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDH-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDH-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDH-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDH-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDH-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-RSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_RSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-RSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-RSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "openssl_name": "ECDHE-ECDSA-RC4-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 0, + "name": "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "openssl_name": "ECDHE-ECDSA-NULL-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "ECDHE-ECDSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-CAMELLIA256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + "openssl_name": "ECDHE-ECDSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + "openssl_name": "ECDHE-ECDSA-AES256-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + "openssl_name": "ECDHE-ECDSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + "openssl_name": "ECDHE-ECDSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "ECDHE-ECDSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ECDHE-ECDSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_SEED_CBC_SHA", + "openssl_name": "ADH-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_RC4_128_MD5", + "openssl_name": "ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 56, + "name": "TLS_DH_anon_WITH_DES_CBC_SHA", + "openssl_name": "ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "ADH-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "ADH-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + "openssl_name": "ADH-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + "openssl_name": "ADH-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 256, + "name": "TLS_DH_anon_WITH_AES_256_CBC_SHA", + "openssl_name": "ADH-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + "openssl_name": "ADH-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + "openssl_name": "ADH-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 128, + "name": "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "openssl_name": "ADH-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 168, + "name": "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "ADH-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + "openssl_name": "EXP-ADH-RC4-MD5" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": true, + "key_size": 40, + "name": "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-ADH-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DH-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_RSA_WITH_DES_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DH-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DH_DSS_WITH_DES_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DH-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DH-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DH-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DH-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DH-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DH-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DH-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-RSA-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_RSA_WITH_DES_CBC_SHA", + "openssl_name": "EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "openssl_name": "DHE-RSA-CHACHA20-POLY1305" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-RSA-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-RSA-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-RSA-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-RSA-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM_8", + "openssl_name": "DHE-RSA-AES256-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CCM", + "openssl_name": "DHE-RSA-AES256-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-RSA-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-RSA-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-RSA-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM_8", + "openssl_name": "DHE-RSA-AES128-CCM8" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CCM", + "openssl_name": "DHE-RSA-AES128-CCM" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-RSA-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-RSA-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "DHE-RSA-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-RSA-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + "openssl_name": "DHE-DSS-SEED-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 56, + "name": "TLS_DHE_DSS_WITH_DES_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + "openssl_name": "DHE-DSS-CAMELLIA128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + "openssl_name": "DHE-DSS-ARIA256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + "openssl_name": "DHE-DSS-ARIA128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + "openssl_name": "DHE-DSS-AES256-GCM-SHA384" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + "openssl_name": "DHE-DSS-AES256-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + "openssl_name": "DHE-DSS-AES256-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + "openssl_name": "DHE-DSS-AES128-GCM-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + "openssl_name": "DHE-DSS-AES128-SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "openssl_name": "DHE-DSS-AES128-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 168, + "name": "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + "openssl_name": "EDH-DSS-DES-CBC3-SHA" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 40, + "name": "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "openssl_name": "EXP-EDH-DSS-DES-CBC-SHA" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_2" + }, + "status": "COMPLETED" + }, + "tls_1_3_cipher_suites": { + "error_reason": null, + "error_trace": null, + "result": { + "accepted_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "openssl_name": "TLS_CHACHA20_POLY1305_SHA256" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "RvAIC+XwgKQ58oRGdsSH9H8Gp+IZ2VDGvEl+aHUZlhw=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 256, + "name": "TLS_AES_256_GCM_SHA384", + "openssl_name": "TLS_AES_256_GCM_SHA384" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "kgN9wmQK1bNLXBVimvUOVibB/zu4B9NBiC69iPxhNFI=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null } - }, - "scan_status": "COMPLETED", - "server_location": { - "connection_type": "DIRECT", - "hostname": "www.securecodebox.io", - "http_proxy_settings": null, - "ip_address": "185.199.110.153", - "port": 443 - }, - "uuid": "9c35921e-71de-4371-9cd4-69fd1854b2b6" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_GCM_SHA256", + "openssl_name": "TLS_AES_128_GCM_SHA256" + }, + "ephemeral_key": { + "curve_name": "X25519", + "generator": null, + "prime": null, + "public_bytes": "tcgk09F3j+/pIgAs0v7SjHGrCqit5LPW/GtltKyg7z4=", + "size": 253, + "type_name": "ECDH", + "x": null, + "y": null + } + } + ], + "is_tls_version_supported": true, + "rejected_cipher_suites": [ + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_SHA256", + "openssl_name": "TLS_AES_128_CCM_SHA256" + }, + "error_message": "TLS alert: handshake failure" + }, + { + "cipher_suite": { + "is_anonymous": false, + "key_size": 128, + "name": "TLS_AES_128_CCM_8_SHA256", + "openssl_name": "TLS_AES_128_CCM_8_SHA256" + }, + "error_message": "TLS alert: handshake failure" + } + ], + "tls_version_used": "TLS_1_3" + }, + "status": "COMPLETED" + }, + "tls_1_3_early_data": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" + }, + "tls_compression": { + "error_reason": null, + "error_trace": null, + "result": { + "supports_compression": false + }, + "status": "COMPLETED" + }, + "tls_fallback_scsv": { + "error_reason": null, + "error_trace": null, + "result": null, + "status": "NOT_SCHEDULED" } - ], - "sslyze_url": "https://github.com/nabla-c0d3/sslyze", - "sslyze_version": "5.0.0" -} \ No newline at end of file + }, + "scan_status": "COMPLETED", + "server_location": { + "connection_type": "DIRECT", + "hostname": "www.securecodebox.io", + "http_proxy_settings": null, + "ip_address": "185.199.110.153", + "port": 443 + }, + "uuid": "9c35921e-71de-4371-9cd4-69fd1854b2b6" + } + ], + "sslyze_url": "https://github.com/nabla-c0d3/sslyze", + "sslyze_version": "5.0.0" +} diff --git a/scanners/trivy/examples/filesystem/scan.yaml b/scanners/trivy/examples/filesystem/scan.yaml index 6c41b52bd2..f89d85031a 100644 --- a/scanners/trivy/examples/filesystem/scan.yaml +++ b/scanners/trivy/examples/filesystem/scan.yaml @@ -19,7 +19,7 @@ spec: initContainers: - name: "git-clone" image: bitnami/git - # Specify that the "repo" volume should also be mounted on the + # Specify that the "repo" volume should also be mounted on the # initContainer volumeMounts: - name: repo diff --git a/scanners/trivy/examples/image-juice-shop/findings.yaml b/scanners/trivy/examples/image-juice-shop/findings.yaml index 301a2e4b8c..00123d9a28 100644 --- a/scanners/trivy/examples/image-juice-shop/findings.yaml +++ b/scanners/trivy/examples/image-juice-shop/findings.yaml @@ -5,204 +5,226 @@ [ { "Target": "bkimminich/juice-shop:v10.2.0 (alpine 3.11.5)", - "Vulnerabilities": [ - { - "VulnerabilityID": "CVE-2020-1967", - "PkgName": "openssl", - "InstalledVersion": "1.1.1d-r3", - "FixedVersion": "1.1.1g-r0", - "Layer": { - "DiffID": "sha256:beee9f30bc1f711043e78d4a2be0668955d4b761d587d6f60c2c8dc081efb203" + "Vulnerabilities": + [ + { + "VulnerabilityID": "CVE-2020-1967", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-r3", + "FixedVersion": "1.1.1g-r0", + "Layer": + { + "DiffID": "sha256:beee9f30bc1f711043e78d4a2be0668955d4b761d587d6f60c2c8dc081efb203", + }, + "Title": "openssl: Segmentation fault in SSL_check_chain causes denial of service", + "Description": 'Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).', + "Severity": "HIGH", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/04/22/2", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440", + "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc", + "https://security.gentoo.org/glsa/202004-10", + "https://security.netapp.com/advisory/ntap-20200424-0003/", + "https://www.debian.org/security/2020/dsa-4661", + "https://www.openssl.org/news/secadv/20200421.txt", + "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL", + ], }, - "Title": "openssl: Segmentation fault in SSL_check_chain causes denial of service", - "Description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", - "Severity": "HIGH", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/04/22/2", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1", - "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440", - "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E", - "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", - "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc", - "https://security.gentoo.org/glsa/202004-10", - "https://security.netapp.com/advisory/ntap-20200424-0003/", - "https://www.debian.org/security/2020/dsa-4661", - "https://www.openssl.org/news/secadv/20200421.txt", - "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL" - ] - } - ] + ], }, { "Target": "juice-shop/frontend/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "juice-shop/package-lock.json", - "Vulnerabilities": [ - { - "VulnerabilityID": "NSWG-ECO-428", - "PkgName": "base64url", - "InstalledVersion": "0.0.6", - "FixedVersion": "\u003e=3.0.0", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + "Vulnerabilities": + [ + { + "VulnerabilityID": "NSWG-ECO-428", + "PkgName": "base64url", + "InstalledVersion": "0.0.6", + "FixedVersion": "\u003e=3.0.0", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "Out-of-bounds Read", + "Description": "`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below", + "Severity": "HIGH", + "References": + [ + "https://github.com/brianloveswords/base64url/pull/25", + "https://hackerone.com/reports/321687", + ], }, - "Title": "Out-of-bounds Read", - "Description": "`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below", - "Severity": "HIGH", - "References": [ - "https://github.com/brianloveswords/base64url/pull/25", - "https://hackerone.com/reports/321687" - ] - }, - { - "VulnerabilityID": "NSWG-ECO-17", - "PkgName": "jsonwebtoken", - "InstalledVersion": "0.1.0", - "FixedVersion": "\u003e=4.2.2", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "InstalledVersion": "0.1.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "Verification Bypass", + "Description": 'It is possible for an attacker to bypass verification when "a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)" [1]', + "Severity": "HIGH", + "References": + [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", + "https://www.timmclean.net/2015/02/25/jwt-alg-none.html", + ], }, - "Title": "Verification Bypass", - "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", - "Severity": "HIGH", - "References": [ - "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", - "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", - "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ] - }, - { - "VulnerabilityID": "NSWG-ECO-17", - "PkgName": "jsonwebtoken", - "InstalledVersion": "0.4.0", - "FixedVersion": "\u003e=4.2.2", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "InstalledVersion": "0.4.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "Verification Bypass", + "Description": 'It is possible for an attacker to bypass verification when "a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)" [1]', + "Severity": "HIGH", + "References": + [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", + "https://www.timmclean.net/2015/02/25/jwt-alg-none.html", + ], }, - "Title": "Verification Bypass", - "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", - "Severity": "HIGH", - "References": [ - "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", - "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", - "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ] - }, - { - "VulnerabilityID": "CVE-2016-1000223", - "PkgName": "jws", - "InstalledVersion": "0.2.6", - "FixedVersion": "\u003e=3.0.0", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "CVE-2016-1000223", + "PkgName": "jws", + "InstalledVersion": "0.2.6", + "FixedVersion": "\u003e=3.0.0", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "Forgeable Public/Private Tokens", + "Description": "Since \"algorithm\" isn't enforced in `jws.verify()`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.\n\nIn addition, there is the `none` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the `alg` field is set to `none`.\n\n*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", + "Severity": "HIGH", + "References": + [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/brianloveswords/node-jws/commit/585d0e1e97b6747c10cf5b7689ccc5618a89b299#diff-4ac32a78649ca5bdd8e0ba38b7006a1e", + ], }, - "Title": "Forgeable Public/Private Tokens", - "Description": "Since \"algorithm\" isn't enforced in `jws.verify()`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.\n\nIn addition, there is the `none` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the `alg` field is set to `none`.\n\n*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", - "Severity": "HIGH", - "References": [ - "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", - "https://github.com/brianloveswords/node-jws/commit/585d0e1e97b6747c10cf5b7689ccc5618a89b299#diff-4ac32a78649ca5bdd8e0ba38b7006a1e" - ] - }, - { - "VulnerabilityID": "CVE-2018-16487", - "PkgName": "lodash", - "InstalledVersion": "2.4.2", - "FixedVersion": "\u003e=4.17.11", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "CVE-2018-16487", + "PkgName": "lodash", + "InstalledVersion": "2.4.2", + "FixedVersion": "\u003e=4.17.11", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "lodash: Prototype pollution in utilities function", + "Description": "A prototype pollution vulnerability was found in lodash \u003c4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.", + "Severity": "HIGH", + "References": + [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487", + "https://hackerone.com/reports/380873", + "https://security.netapp.com/advisory/ntap-20190919-0004/", + "https://www.npmjs.com/advisories/782", + ], }, - "Title": "lodash: Prototype pollution in utilities function", - "Description": "A prototype pollution vulnerability was found in lodash \u003c4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.", - "Severity": "HIGH", - "References": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487", - "https://hackerone.com/reports/380873", - "https://security.netapp.com/advisory/ntap-20190919-0004/", - "https://www.npmjs.com/advisories/782" - ] - }, - { - "VulnerabilityID": "CVE-2018-3721", - "PkgName": "lodash", - "InstalledVersion": "2.4.2", - "FixedVersion": "\u003e=4.17.5", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "CVE-2018-3721", + "PkgName": "lodash", + "InstalledVersion": "2.4.2", + "FixedVersion": "\u003e=4.17.5", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "lodash: Prototype pollution in utilities function", + "Description": 'lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.', + "Severity": "MEDIUM", + "References": + [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721", + "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a", + "https://hackerone.com/reports/310443", + "https://security.netapp.com/advisory/ntap-20190919-0004/", + ], }, - "Title": "lodash: Prototype pollution in utilities function", - "Description": "lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.", - "Severity": "MEDIUM", - "References": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721", - "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a", - "https://hackerone.com/reports/310443", - "https://security.netapp.com/advisory/ntap-20190919-0004/" - ] - }, - { - "VulnerabilityID": "CVE-2016-4055", - "PkgName": "moment", - "InstalledVersion": "2.0.0", - "FixedVersion": "\u003e=2.11.2", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "CVE-2016-4055", + "PkgName": "moment", + "InstalledVersion": "2.0.0", + "FixedVersion": "\u003e=2.11.2", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "moment.js: regular expression denial of service", + "Description": 'The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."', + "Severity": "HIGH", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/04/20/11", + "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "http://www.securityfocus.com/bid/95849", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4055", + "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E", + "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E", + "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E", + "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E", + "https://nodesecurity.io/advisories/55", + "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS", + "https://www.tenable.com/security/tns-2019-02", + ], }, - "Title": "moment.js: regular expression denial of service", - "Description": "The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"", - "Severity": "HIGH", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/04/20/11", - "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "http://www.securityfocus.com/bid/95849", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4055", - "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E", - "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E", - "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E", - "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E", - "https://nodesecurity.io/advisories/55", - "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS", - "https://www.tenable.com/security/tns-2019-02" - ] - }, - { - "VulnerabilityID": "CVE-2016-1000237", - "PkgName": "sanitize-html", - "InstalledVersion": "1.4.2", - "FixedVersion": "\u003e=1.4.3", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "CVE-2016-1000237", + "PkgName": "sanitize-html", + "InstalledVersion": "1.4.2", + "FixedVersion": "\u003e=1.4.3", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "XSS - Sanitization not applied recursively", + "Description": "sanitize-html before 1.4.3 has XSS.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/punkave/sanitize-html/issues/29", + "https://nodesecurity.io/advisories/135", + "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", + ], }, - "Title": "XSS - Sanitization not applied recursively", - "Description": "sanitize-html before 1.4.3 has XSS.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/punkave/sanitize-html/issues/29", - "https://nodesecurity.io/advisories/135", - "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json" - ] - }, - { - "VulnerabilityID": "NSWG-ECO-154", - "PkgName": "sanitize-html", - "InstalledVersion": "1.4.2", - "FixedVersion": "\u003e=1.11.4", - "Layer": { - "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + { + "VulnerabilityID": "NSWG-ECO-154", + "PkgName": "sanitize-html", + "InstalledVersion": "1.4.2", + "FixedVersion": "\u003e=1.11.4", + "Layer": + { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", + }, + "Title": "Cross Site Scripting", + "Description": "Sanitize-html is a library for scrubbing html input of malicious values.\n\nVersions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios:\n\nIf allowed at least one nonTextTags, the result is a potential XSS vulnerability.\nPoC:\n\n```\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!\u003ctextarea\u003e\u0026lt;/textarea\u0026gt;\u003csvg/onload=prompt`xs`\u0026gt;\u003c/textarea\u003e!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !\u003ctextarea\u003e\u003c/textarea\u003e\u003csvg/onload=prompt`xs`\u003e\u003c/textarea\u003e!\n```", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", + "https://github.com/punkave/sanitize-html/issues/100", + ], }, - "Title": "Cross Site Scripting", - "Description": "Sanitize-html is a library for scrubbing html input of malicious values.\n\nVersions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios:\n\nIf allowed at least one nonTextTags, the result is a potential XSS vulnerability.\nPoC:\n\n```\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!\u003ctextarea\u003e\u0026lt;/textarea\u0026gt;\u003csvg/onload=prompt`xs`\u0026gt;\u003c/textarea\u003e!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !\u003ctextarea\u003e\u003c/textarea\u003e\u003csvg/onload=prompt`xs`\u003e\u003c/textarea\u003e!\n```", - "Severity": "MEDIUM", - "References": [ - "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", - "https://github.com/punkave/sanitize-html/issues/100" - ] - } - ] - } + ], + }, ] diff --git a/scanners/trivy/examples/image-mediawiki/findings.yaml b/scanners/trivy/examples/image-mediawiki/findings.yaml index 3a500bfce3..4662e1ad9d 100644 --- a/scanners/trivy/examples/image-mediawiki/findings.yaml +++ b/scanners/trivy/examples/image-mediawiki/findings.yaml @@ -5,16083 +5,17666 @@ [ { "Target": "mediawiki:stable (debian 10.3)", - "Vulnerabilities": [ - { - "VulnerabilityID": "CVE-2007-0086", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", - "Severity": "HIGH", - "References": [ - "http://osvdb.org/33456", - "http://www.securityfocus.com/archive/1/455833/100/0/threaded", - "http://www.securityfocus.com/archive/1/455879/100/0/threaded", - "http://www.securityfocus.com/archive/1/455882/100/0/threaded", - "http://www.securityfocus.com/archive/1/455920/100/0/threaded" - ] - }, - { - "VulnerabilityID": "CVE-2003-1307", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", - "Severity": "MEDIUM", - "References": [ - "http://bugs.php.net/38915", - "http://hackerdom.ru/~dimmo/phpexpl.c", - "http://www.securityfocus.com/archive/1/348368", - "http://www.securityfocus.com/archive/1/449234/100/0/threaded", - "http://www.securityfocus.com/archive/1/449298/100/0/threaded", - "http://www.securityfocus.com/bid/9302" - ] - }, - { - "VulnerabilityID": "CVE-2003-1580", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2007-1743", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", - "Severity": "MEDIUM", - "References": [ - "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", - "http://www.securitytracker.com/id?1017904" - ] - }, - { - "VulnerabilityID": "CVE-2007-3303", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", - "Severity": "MEDIUM", - "References": [ - "http://osvdb.org/37050", - "http://security.psnc.pl/files/apache_report.pdf", - "http://securityreason.com/securityalert/2814", - "http://www.securityfocus.com/archive/1/469899/100/0/threaded", - "http://www.securityfocus.com/archive/1/471832/100/0/threaded", - "http://www.securityfocus.com/bid/24215" - ] - }, - { - "VulnerabilityID": "CVE-2008-0455", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", - "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0455.html", - "http://linux.oracle.com/errata/ELSA-2013-0512.html", - "http://rhn.redhat.com/errata/RHSA-2012-1591.html", - "http://rhn.redhat.com/errata/RHSA-2012-1592.html", - "http://rhn.redhat.com/errata/RHSA-2012-1594.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/51607", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" - ] - }, - { - "VulnerabilityID": "CVE-2020-1927", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/04/03/1", - "http://www.openwall.com/lists/oss-security/2020/04/04/1", - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2020-1934", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_proxy_ftp use of uninitialized value", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", - "Severity": "MEDIUM", - "References": [ - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", - "https://security.netapp.com/advisory/ntap-20200413-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2001-1534", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", - "Severity": "LOW", - "References": [ - "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", - "http://www.iss.net/security_center/static/7494.php", - "http://www.securityfocus.com/bid/3521" - ] - }, - { - "VulnerabilityID": "CVE-2003-1581", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2008-0456", - "PkgName": "apache2", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", - "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0456.html", - "http://linux.oracle.com/errata/ELSA-2013-0130.html", - "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/35074", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://support.apple.com/kb/HT3549", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", - "http://www.vupen.com/english/advisories/2009/1297", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", - "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2007-0086", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", - "Severity": "HIGH", - "References": [ - "http://osvdb.org/33456", - "http://www.securityfocus.com/archive/1/455833/100/0/threaded", - "http://www.securityfocus.com/archive/1/455879/100/0/threaded", - "http://www.securityfocus.com/archive/1/455882/100/0/threaded", - "http://www.securityfocus.com/archive/1/455920/100/0/threaded" - ] - }, - { - "VulnerabilityID": "CVE-2003-1307", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", - "Severity": "MEDIUM", - "References": [ - "http://bugs.php.net/38915", - "http://hackerdom.ru/~dimmo/phpexpl.c", - "http://www.securityfocus.com/archive/1/348368", - "http://www.securityfocus.com/archive/1/449234/100/0/threaded", - "http://www.securityfocus.com/archive/1/449298/100/0/threaded", - "http://www.securityfocus.com/bid/9302" - ] - }, - { - "VulnerabilityID": "CVE-2003-1580", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2007-1743", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", - "Severity": "MEDIUM", - "References": [ - "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", - "http://www.securitytracker.com/id?1017904" - ] - }, - { - "VulnerabilityID": "CVE-2007-3303", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", - "Severity": "MEDIUM", - "References": [ - "http://osvdb.org/37050", - "http://security.psnc.pl/files/apache_report.pdf", - "http://securityreason.com/securityalert/2814", - "http://www.securityfocus.com/archive/1/469899/100/0/threaded", - "http://www.securityfocus.com/archive/1/471832/100/0/threaded", - "http://www.securityfocus.com/bid/24215" - ] - }, - { - "VulnerabilityID": "CVE-2008-0455", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", - "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0455.html", - "http://linux.oracle.com/errata/ELSA-2013-0512.html", - "http://rhn.redhat.com/errata/RHSA-2012-1591.html", - "http://rhn.redhat.com/errata/RHSA-2012-1592.html", - "http://rhn.redhat.com/errata/RHSA-2012-1594.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/51607", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" - ] - }, - { - "VulnerabilityID": "CVE-2020-1927", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/04/03/1", - "http://www.openwall.com/lists/oss-security/2020/04/04/1", - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2020-1934", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_proxy_ftp use of uninitialized value", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", - "Severity": "MEDIUM", - "References": [ - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", - "https://security.netapp.com/advisory/ntap-20200413-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2001-1534", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", - "Severity": "LOW", - "References": [ - "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", - "http://www.iss.net/security_center/static/7494.php", - "http://www.securityfocus.com/bid/3521" - ] - }, - { - "VulnerabilityID": "CVE-2003-1581", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2008-0456", - "PkgName": "apache2-bin", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", - "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0456.html", - "http://linux.oracle.com/errata/ELSA-2013-0130.html", - "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/35074", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://support.apple.com/kb/HT3549", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", - "http://www.vupen.com/english/advisories/2009/1297", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", - "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2007-0086", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", - "Severity": "HIGH", - "References": [ - "http://osvdb.org/33456", - "http://www.securityfocus.com/archive/1/455833/100/0/threaded", - "http://www.securityfocus.com/archive/1/455879/100/0/threaded", - "http://www.securityfocus.com/archive/1/455882/100/0/threaded", - "http://www.securityfocus.com/archive/1/455920/100/0/threaded" - ] - }, - { - "VulnerabilityID": "CVE-2003-1307", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", - "Severity": "MEDIUM", - "References": [ - "http://bugs.php.net/38915", - "http://hackerdom.ru/~dimmo/phpexpl.c", - "http://www.securityfocus.com/archive/1/348368", - "http://www.securityfocus.com/archive/1/449234/100/0/threaded", - "http://www.securityfocus.com/archive/1/449298/100/0/threaded", - "http://www.securityfocus.com/bid/9302" - ] - }, - { - "VulnerabilityID": "CVE-2003-1580", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2007-1743", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", - "Severity": "MEDIUM", - "References": [ - "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", - "http://www.securitytracker.com/id?1017904" - ] - }, - { - "VulnerabilityID": "CVE-2007-3303", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", - "Severity": "MEDIUM", - "References": [ - "http://osvdb.org/37050", - "http://security.psnc.pl/files/apache_report.pdf", - "http://securityreason.com/securityalert/2814", - "http://www.securityfocus.com/archive/1/469899/100/0/threaded", - "http://www.securityfocus.com/archive/1/471832/100/0/threaded", - "http://www.securityfocus.com/bid/24215" - ] - }, - { - "VulnerabilityID": "CVE-2008-0455", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", - "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0455.html", - "http://linux.oracle.com/errata/ELSA-2013-0512.html", - "http://rhn.redhat.com/errata/RHSA-2012-1591.html", - "http://rhn.redhat.com/errata/RHSA-2012-1592.html", - "http://rhn.redhat.com/errata/RHSA-2012-1594.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/51607", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" - ] - }, - { - "VulnerabilityID": "CVE-2020-1927", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/04/03/1", - "http://www.openwall.com/lists/oss-security/2020/04/04/1", - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2020-1934", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_proxy_ftp use of uninitialized value", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", - "Severity": "MEDIUM", - "References": [ - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", - "https://security.netapp.com/advisory/ntap-20200413-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2001-1534", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", - "Severity": "LOW", - "References": [ - "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", - "http://www.iss.net/security_center/static/7494.php", - "http://www.securityfocus.com/bid/3521" - ] - }, - { - "VulnerabilityID": "CVE-2003-1581", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2008-0456", - "PkgName": "apache2-data", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", - "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0456.html", - "http://linux.oracle.com/errata/ELSA-2013-0130.html", - "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/35074", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://support.apple.com/kb/HT3549", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", - "http://www.vupen.com/english/advisories/2009/1297", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", - "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2007-0086", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", - "Severity": "HIGH", - "References": [ - "http://osvdb.org/33456", - "http://www.securityfocus.com/archive/1/455833/100/0/threaded", - "http://www.securityfocus.com/archive/1/455879/100/0/threaded", - "http://www.securityfocus.com/archive/1/455882/100/0/threaded", - "http://www.securityfocus.com/archive/1/455920/100/0/threaded" - ] - }, - { - "VulnerabilityID": "CVE-2003-1307", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", - "Severity": "MEDIUM", - "References": [ - "http://bugs.php.net/38915", - "http://hackerdom.ru/~dimmo/phpexpl.c", - "http://www.securityfocus.com/archive/1/348368", - "http://www.securityfocus.com/archive/1/449234/100/0/threaded", - "http://www.securityfocus.com/archive/1/449298/100/0/threaded", - "http://www.securityfocus.com/bid/9302" - ] - }, - { - "VulnerabilityID": "CVE-2003-1580", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2007-1743", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", - "Severity": "MEDIUM", - "References": [ - "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", - "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", - "http://www.securitytracker.com/id?1017904" - ] - }, - { - "VulnerabilityID": "CVE-2007-3303", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", - "Severity": "MEDIUM", - "References": [ - "http://osvdb.org/37050", - "http://security.psnc.pl/files/apache_report.pdf", - "http://securityreason.com/securityalert/2814", - "http://www.securityfocus.com/archive/1/469899/100/0/threaded", - "http://www.securityfocus.com/archive/1/471832/100/0/threaded", - "http://www.securityfocus.com/bid/24215" - ] - }, - { - "VulnerabilityID": "CVE-2008-0455", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", - "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0455.html", - "http://linux.oracle.com/errata/ELSA-2013-0512.html", - "http://rhn.redhat.com/errata/RHSA-2012-1591.html", - "http://rhn.redhat.com/errata/RHSA-2012-1592.html", - "http://rhn.redhat.com/errata/RHSA-2012-1594.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/51607", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" - ] - }, - { - "VulnerabilityID": "CVE-2020-1927", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/04/03/1", - "http://www.openwall.com/lists/oss-security/2020/04/04/1", - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2020-1934", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_proxy_ftp use of uninitialized value", - "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", - "Severity": "MEDIUM", - "References": [ - "https://httpd.apache.org/security/vulnerabilities_24.html", - "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", - "https://security.netapp.com/advisory/ntap-20200413-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2001-1534", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", - "Severity": "LOW", - "References": [ - "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", - "http://www.iss.net/security_center/static/7494.php", - "http://www.securityfocus.com/bid/3521" - ] - }, - { - "VulnerabilityID": "CVE-2003-1581", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", - "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/archive/1/313867" - ] - }, - { - "VulnerabilityID": "CVE-2008-0456", - "PkgName": "apache2-utils", - "InstalledVersion": "2.4.38-3+deb10u3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", - "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2008-0456.html", - "http://linux.oracle.com/errata/ELSA-2013-0130.html", - "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", - "http://rhn.redhat.com/errata/RHSA-2013-0130.html", - "http://secunia.com/advisories/29348", - "http://secunia.com/advisories/35074", - "http://security.gentoo.org/glsa/glsa-200803-19.xml", - "http://securityreason.com/securityalert/3575", - "http://securitytracker.com/id?1019256", - "http://support.apple.com/kb/HT3549", - "http://www.mindedsecurity.com/MSA01150108.html", - "http://www.securityfocus.com/archive/1/486847/100/0/threaded", - "http://www.securityfocus.com/bid/27409", - "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", - "http://www.vupen.com/english/advisories/2009/1297", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", - "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", - "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2011-3374", - "PkgName": "apt", - "InstalledVersion": "1.8.2", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "Severity": "MEDIUM", - "References": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518" - ] - }, - { - "VulnerabilityID": "CVE-2019-18276", - "PkgName": "bash", - "InstalledVersion": "5.0-4", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", - "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", - "Severity": "HIGH", - "References": [ - "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html", - "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff", - "https://www.youtube.com/watch?v=-wGtxJ8opa8" - ] - }, - { - "VulnerabilityID": "TEMP-0841856-B18BAF", - "PkgName": "bash", - "InstalledVersion": "5.0-4", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2017-13716", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", - "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" - ] - }, - { - "VulnerabilityID": "CVE-2018-12699", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", - "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", - "Severity": "HIGH", - "References": [ - "http://www.securityfocus.com/bid/104540", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000876", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", - "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-1000876.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/106304", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" - ] - }, - { - "VulnerabilityID": "CVE-2018-12697", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", - "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-12697.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/104538", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12698", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", - "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104539", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12700", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", - "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104541", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12934", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", - "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17358", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17359", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17360", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" - ] - }, - { - "VulnerabilityID": "CVE-2018-17794", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17985", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" - ] - }, - { - "VulnerabilityID": "CVE-2018-18309", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105692", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" - ] - }, - { - "VulnerabilityID": "CVE-2018-18483", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", - "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105689", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" - ] - }, - { - "VulnerabilityID": "CVE-2018-18484", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105693", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" - ] - }, - { - "VulnerabilityID": "CVE-2018-18605", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", - "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" - ] - }, - { - "VulnerabilityID": "CVE-2018-18606", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", - "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" - ] - }, - { - "VulnerabilityID": "CVE-2018-18607", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", - "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" - ] - }, - { - "VulnerabilityID": "CVE-2018-18700", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-18701", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-19931", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" - ] - }, - { - "VulnerabilityID": "CVE-2018-19932", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" - ] - }, - { - "VulnerabilityID": "CVE-2018-20002", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", - "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106142", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", - "https://support.f5.com/csp/article/K62602089" - ] - }, - { - "VulnerabilityID": "CVE-2018-20623", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Use-after-free in the error function", - "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106370", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20651", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", - "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106440", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20671", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in load_specific_debug_section function", - "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106457", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" - ] - }, - { - "VulnerabilityID": "CVE-2018-20673", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: Integer overflow in demangle_template() function", - "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106454", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" - ] - }, - { - "VulnerabilityID": "CVE-2018-20712", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: heap-based buffer over-read in d_expression_1", - "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106563", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-9138", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-9996", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/103733", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010180", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", - "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/109367", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010204", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", - "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" - ] - }, - { - "VulnerabilityID": "CVE-2019-12972", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108903", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" - ] - }, - { - "VulnerabilityID": "CVE-2019-14250", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109354", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", - "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", - "https://security.netapp.com/advisory/ntap-20190822-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-14444", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in function apply_relocation in readelf.c", - "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" - ] - }, - { - "VulnerabilityID": "CVE-2019-17450", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: denial of service via crafted ELF file", - "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" - ] - }, - { - "VulnerabilityID": "CVE-2019-17451", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" - ] - }, - { - "VulnerabilityID": "CVE-2019-9070", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", - "https://support.f5.com/csp/article/K13534168" - ] - }, - { - "VulnerabilityID": "CVE-2019-9071", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", - "https://support.f5.com/csp/article/K02884135" - ] - }, - { - "VulnerabilityID": "CVE-2019-9073", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", - "https://support.f5.com/csp/article/K37121474" - ] - }, - { - "VulnerabilityID": "CVE-2019-9074", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", - "https://support.f5.com/csp/article/K09092524" - ] - }, - { - "VulnerabilityID": "CVE-2019-9075", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", - "https://support.f5.com/csp/article/K42059040" - ] - }, - { - "VulnerabilityID": "CVE-2019-9077", - "PkgName": "binutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", - "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107139", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", - "https://support.f5.com/csp/article/K00056379" - ] - }, - { - "VulnerabilityID": "CVE-2017-13716", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", - "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" - ] - }, - { - "VulnerabilityID": "CVE-2018-12699", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", - "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", - "Severity": "HIGH", - "References": [ - "http://www.securityfocus.com/bid/104540", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000876", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", - "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-1000876.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/106304", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" - ] - }, - { - "VulnerabilityID": "CVE-2018-12697", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", - "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-12697.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/104538", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12698", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", - "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104539", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12700", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", - "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104541", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12934", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", - "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17358", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17359", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17360", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" - ] - }, - { - "VulnerabilityID": "CVE-2018-17794", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17985", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" - ] - }, - { - "VulnerabilityID": "CVE-2018-18309", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105692", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" - ] - }, - { - "VulnerabilityID": "CVE-2018-18483", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", - "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105689", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" - ] - }, - { - "VulnerabilityID": "CVE-2018-18484", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105693", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" - ] - }, - { - "VulnerabilityID": "CVE-2018-18605", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", - "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" - ] - }, - { - "VulnerabilityID": "CVE-2018-18606", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", - "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" - ] - }, - { - "VulnerabilityID": "CVE-2018-18607", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", - "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" - ] - }, - { - "VulnerabilityID": "CVE-2018-18700", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-18701", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-19931", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" - ] - }, - { - "VulnerabilityID": "CVE-2018-19932", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" - ] - }, - { - "VulnerabilityID": "CVE-2018-20002", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", - "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106142", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", - "https://support.f5.com/csp/article/K62602089" - ] - }, - { - "VulnerabilityID": "CVE-2018-20623", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Use-after-free in the error function", - "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106370", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20651", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", - "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106440", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20671", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in load_specific_debug_section function", - "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106457", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" - ] - }, - { - "VulnerabilityID": "CVE-2018-20673", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: Integer overflow in demangle_template() function", - "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106454", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" - ] - }, - { - "VulnerabilityID": "CVE-2018-20712", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: heap-based buffer over-read in d_expression_1", - "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106563", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-9138", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-9996", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/103733", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010180", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", - "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/109367", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010204", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", - "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" - ] - }, - { - "VulnerabilityID": "CVE-2019-12972", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108903", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" - ] - }, - { - "VulnerabilityID": "CVE-2019-14250", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109354", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", - "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", - "https://security.netapp.com/advisory/ntap-20190822-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-14444", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in function apply_relocation in readelf.c", - "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" - ] - }, - { - "VulnerabilityID": "CVE-2019-17450", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: denial of service via crafted ELF file", - "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" - ] - }, - { - "VulnerabilityID": "CVE-2019-17451", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" - ] - }, - { - "VulnerabilityID": "CVE-2019-9070", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", - "https://support.f5.com/csp/article/K13534168" - ] - }, - { - "VulnerabilityID": "CVE-2019-9071", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", - "https://support.f5.com/csp/article/K02884135" - ] - }, - { - "VulnerabilityID": "CVE-2019-9073", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", - "https://support.f5.com/csp/article/K37121474" - ] - }, - { - "VulnerabilityID": "CVE-2019-9074", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", - "https://support.f5.com/csp/article/K09092524" - ] - }, - { - "VulnerabilityID": "CVE-2019-9075", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", - "https://support.f5.com/csp/article/K42059040" - ] - }, - { - "VulnerabilityID": "CVE-2019-9077", - "PkgName": "binutils-common", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", - "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107139", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", - "https://support.f5.com/csp/article/K00056379" - ] - }, - { - "VulnerabilityID": "CVE-2017-13716", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", - "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" - ] - }, - { - "VulnerabilityID": "CVE-2018-12699", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", - "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", - "Severity": "HIGH", - "References": [ - "http://www.securityfocus.com/bid/104540", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000876", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", - "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-1000876.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/106304", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" - ] - }, - { - "VulnerabilityID": "CVE-2018-12697", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", - "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-12697.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/104538", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12698", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", - "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104539", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12700", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", - "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104541", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12934", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", - "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17358", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17359", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17360", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" - ] - }, - { - "VulnerabilityID": "CVE-2018-17794", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17985", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" - ] - }, - { - "VulnerabilityID": "CVE-2018-18309", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105692", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" - ] - }, - { - "VulnerabilityID": "CVE-2018-18483", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", - "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105689", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" - ] - }, - { - "VulnerabilityID": "CVE-2018-18484", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105693", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" - ] - }, - { - "VulnerabilityID": "CVE-2018-18605", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", - "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" - ] - }, - { - "VulnerabilityID": "CVE-2018-18606", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", - "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" - ] - }, - { - "VulnerabilityID": "CVE-2018-18607", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", - "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" - ] - }, - { - "VulnerabilityID": "CVE-2018-18700", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-18701", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-19931", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" - ] - }, - { - "VulnerabilityID": "CVE-2018-19932", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" - ] - }, - { - "VulnerabilityID": "CVE-2018-20002", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", - "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106142", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", - "https://support.f5.com/csp/article/K62602089" - ] - }, - { - "VulnerabilityID": "CVE-2018-20623", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Use-after-free in the error function", - "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106370", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20651", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", - "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106440", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20671", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in load_specific_debug_section function", - "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106457", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" - ] - }, - { - "VulnerabilityID": "CVE-2018-20673", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: Integer overflow in demangle_template() function", - "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106454", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" - ] - }, - { - "VulnerabilityID": "CVE-2018-20712", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: heap-based buffer over-read in d_expression_1", - "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106563", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-9138", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-9996", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/103733", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010180", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", - "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/109367", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010204", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", - "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" - ] - }, - { - "VulnerabilityID": "CVE-2019-12972", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108903", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" - ] - }, - { - "VulnerabilityID": "CVE-2019-14250", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109354", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", - "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", - "https://security.netapp.com/advisory/ntap-20190822-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-14444", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in function apply_relocation in readelf.c", - "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" - ] - }, - { - "VulnerabilityID": "CVE-2019-17450", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: denial of service via crafted ELF file", - "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" - ] - }, - { - "VulnerabilityID": "CVE-2019-17451", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" - ] - }, - { - "VulnerabilityID": "CVE-2019-9070", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", - "https://support.f5.com/csp/article/K13534168" - ] - }, - { - "VulnerabilityID": "CVE-2019-9071", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", - "https://support.f5.com/csp/article/K02884135" - ] - }, - { - "VulnerabilityID": "CVE-2019-9073", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", - "https://support.f5.com/csp/article/K37121474" - ] - }, - { - "VulnerabilityID": "CVE-2019-9074", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", - "https://support.f5.com/csp/article/K09092524" - ] - }, - { - "VulnerabilityID": "CVE-2019-9075", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", - "https://support.f5.com/csp/article/K42059040" - ] - }, - { - "VulnerabilityID": "CVE-2019-9077", - "PkgName": "binutils-x86-64-linux-gnu", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", - "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107139", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", - "https://support.f5.com/csp/article/K00056379" - ] - }, - { - "VulnerabilityID": "CVE-2016-2781", - "PkgName": "coreutils", - "InstalledVersion": "8.30-3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "coreutils: Non-privileged session can escape to the parent session in chroot", - "Description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", - "Severity": "LOW", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/02/28/2", - "http://www.openwall.com/lists/oss-security/2016/02/28/3" - ] - }, - { - "VulnerabilityID": "CVE-2017-18018", - "PkgName": "coreutils", - "InstalledVersion": "8.30-3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "coreutils: race condition vulnerability in chown and chgrp", - "Description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", - "Severity": "LOW", - "References": [ - "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "cpp-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "cpp-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "g++-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "g++-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "gcc-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "gcc-8", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "gcc-8-base", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "gcc-8-base", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000021", - "PkgName": "git", - "InstalledVersion": "1:2.20.1-2+deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", - "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", - "Severity": "MEDIUM", - "References": [ - "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000021", - "PkgName": "git-man", - "InstalledVersion": "1:2.20.1-2+deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", - "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", - "Severity": "MEDIUM", - "References": [ - "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-14855", - "PkgName": "gpgv", - "InstalledVersion": "2.2.12-1+deb10u1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", - "Description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", - "https://dev.gnupg.org/T4755", - "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", - "https://rwc.iacr.org/2020/slides/Leurent.pdf" - ] - }, - { - "VulnerabilityID": "CVE-2018-15607", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: CPU Exhaustion via crafted input file", - "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-15607.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/105137", - "https://github.com/ImageMagick/ImageMagick/issues/1255", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11470", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in cineon parsing component", - "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11470.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", - "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", - "https://github.com/ImageMagick/ImageMagick/issues/1472", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19948", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19948.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", - "https://github.com/ImageMagick/ImageMagick/issues/1562", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2008-3134", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", - "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", - "http://secunia.com/advisories/30879", - "http://secunia.com/advisories/32151", - "http://sourceforge.net/forum/forum.php?forum_id=841176", - "http://sourceforge.net/project/shownotes.php?release_id=610253", - "http://www.securityfocus.com/bid/30055", - "http://www.securitytracker.com/id?1020413", - "http://www.vupen.com/english/advisories/2008/1984/references", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" - ] - }, - { - "VulnerabilityID": "CVE-2016-8678", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", - "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/16/2", - "http://www.openwall.com/lists/oss-security/2016/12/08/18", - "http://www.securityfocus.com/bid/93599", - "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", - "https://github.com/ImageMagick/ImageMagick/issues/272" - ] - }, - { - "VulnerabilityID": "CVE-2017-11754", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/633" - ] - }, - { - "VulnerabilityID": "CVE-2017-11755", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/634" - ] - }, - { - "VulnerabilityID": "CVE-2017-7275", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", - "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97166", - "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", - "https://github.com/ImageMagick/ImageMagick/issues/271" - ] - }, - { - "VulnerabilityID": "CVE-2019-10649", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", - "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107645", - "https://github.com/ImageMagick/ImageMagick/issues/1533", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11472", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", - "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11472.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://github.com/ImageMagick/ImageMagick/issues/1546", - "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11597", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11597.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", - "https://github.com/ImageMagick/ImageMagick/issues/1555", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-11598", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11598.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", - "https://github.com/ImageMagick/ImageMagick/issues/1540", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12974", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", - "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12974.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", - "https://github.com/ImageMagick/ImageMagick/issues/1515" - ] - }, - { - "VulnerabilityID": "CVE-2019-12975", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12975.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1517" - ] - }, - { - "VulnerabilityID": "CVE-2019-12976", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12976.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1520" - ] - }, - { - "VulnerabilityID": "CVE-2019-12977", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1518" - ] - }, - { - "VulnerabilityID": "CVE-2019-12978", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12978.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1519" - ] - }, - { - "VulnerabilityID": "CVE-2019-12979", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12979.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1522" - ] - }, - { - "VulnerabilityID": "CVE-2019-13135", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", - "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13135.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", - "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", - "https://github.com/ImageMagick/ImageMagick/issues/1599", - "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13137", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", - "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", - "https://github.com/ImageMagick/ImageMagick/issues/1601", - "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-13295", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13295.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", - "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", - "https://github.com/ImageMagick/ImageMagick/issues/1608", - "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13297", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13297.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", - "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", - "https://github.com/ImageMagick/ImageMagick/issues/1609", - "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13300", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13300.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", - "https://github.com/ImageMagick/ImageMagick/issues/1586", - "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" - ] - }, - { - "VulnerabilityID": "CVE-2019-13301", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks in AcquireMagickMemory", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13301.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", - "https://github.com/ImageMagick/ImageMagick/issues/1585", - "https://github.com/ImageMagick/ImageMagick/issues/1589" - ] - }, - { - "VulnerabilityID": "CVE-2019-13304", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13304.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", - "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", - "https://github.com/ImageMagick/ImageMagick/issues/1614", - "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13305", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13305.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", - "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", - "https://github.com/ImageMagick/ImageMagick/issues/1613", - "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13306", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13306.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", - "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", - "https://github.com/ImageMagick/ImageMagick/issues/1612", - "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13307", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13307.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", - "https://github.com/ImageMagick/ImageMagick/issues/1615", - "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" - ] - }, - { - "VulnerabilityID": "CVE-2019-13308", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", - "https://github.com/ImageMagick/ImageMagick/issues/1595", - "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" - ] - }, - { - "VulnerabilityID": "CVE-2019-13309", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13309.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13310", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13310.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13311", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13311.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", - "https://github.com/ImageMagick/ImageMagick/issues/1623", - "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" - ] - }, - { - "VulnerabilityID": "CVE-2019-13391", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", - "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", - "https://github.com/ImageMagick/ImageMagick/issues/1588", - "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" - ] - }, - { - "VulnerabilityID": "CVE-2019-13454", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", - "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13454.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "http://www.securityfocus.com/bid/109099", - "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", - "https://github.com/ImageMagick/ImageMagick/issues/1629", - "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" - ] - }, - { - "VulnerabilityID": "CVE-2019-14981", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", - "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-14981.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", - "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", - "https://github.com/ImageMagick/ImageMagick/issues/1552", - "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15139", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", - "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15139.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", - "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", - "https://github.com/ImageMagick/ImageMagick/issues/1553", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15140", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", - "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15140.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", - "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", - "https://github.com/ImageMagick/ImageMagick/issues/1554", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16708", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in magick/xwindow.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16708.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16709", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dps.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16709.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531" - ] - }, - { - "VulnerabilityID": "CVE-2019-16710", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16710.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1528", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16711", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", - "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16711.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1542", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16712", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16712.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1557" - ] - }, - { - "VulnerabilityID": "CVE-2019-16713", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16713.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1558", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19949", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19949.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", - "https://github.com/ImageMagick/ImageMagick/issues/1561", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-7175", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", - "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7175.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "https://github.com/ImageMagick/ImageMagick/issues/1450" - ] - }, - { - "VulnerabilityID": "CVE-2019-7395", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106850", - "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", - "https://github.com/ImageMagick/ImageMagick/issues/1451" - ] - }, - { - "VulnerabilityID": "CVE-2019-7396", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://www.securityfocus.com/bid/106849", - "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", - "https://github.com/ImageMagick/ImageMagick/issues/1452", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-7397", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", - "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", - "Severity": "MEDIUM", - "References": [ - "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", - "http://linux.oracle.com/cve/CVE-2019-7397.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106847", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", - "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", - "https://github.com/ImageMagick/ImageMagick/issues/1454" - ] - }, - { - "VulnerabilityID": "CVE-2019-7398", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7398.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106848", - "https://github.com/ImageMagick/ImageMagick/issues/1453" - ] - }, - { - "VulnerabilityID": "CVE-2020-10251", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", - "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/1859" - ] - }, - { - "VulnerabilityID": "CVE-2005-0406", - "PkgName": "imagemagick", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", - "Severity": "LOW", - "References": [ - "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", - "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" - ] - }, - { - "VulnerabilityID": "CVE-2018-15607", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: CPU Exhaustion via crafted input file", - "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-15607.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/105137", - "https://github.com/ImageMagick/ImageMagick/issues/1255", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11470", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in cineon parsing component", - "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11470.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", - "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", - "https://github.com/ImageMagick/ImageMagick/issues/1472", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19948", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19948.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", - "https://github.com/ImageMagick/ImageMagick/issues/1562", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2008-3134", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", - "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", - "http://secunia.com/advisories/30879", - "http://secunia.com/advisories/32151", - "http://sourceforge.net/forum/forum.php?forum_id=841176", - "http://sourceforge.net/project/shownotes.php?release_id=610253", - "http://www.securityfocus.com/bid/30055", - "http://www.securitytracker.com/id?1020413", - "http://www.vupen.com/english/advisories/2008/1984/references", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" - ] - }, - { - "VulnerabilityID": "CVE-2016-8678", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", - "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/16/2", - "http://www.openwall.com/lists/oss-security/2016/12/08/18", - "http://www.securityfocus.com/bid/93599", - "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", - "https://github.com/ImageMagick/ImageMagick/issues/272" - ] - }, - { - "VulnerabilityID": "CVE-2017-11754", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/633" - ] - }, - { - "VulnerabilityID": "CVE-2017-11755", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/634" - ] - }, - { - "VulnerabilityID": "CVE-2017-7275", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", - "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97166", - "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", - "https://github.com/ImageMagick/ImageMagick/issues/271" - ] - }, - { - "VulnerabilityID": "CVE-2019-10649", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", - "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107645", - "https://github.com/ImageMagick/ImageMagick/issues/1533", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11472", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", - "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11472.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://github.com/ImageMagick/ImageMagick/issues/1546", - "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11597", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11597.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", - "https://github.com/ImageMagick/ImageMagick/issues/1555", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-11598", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11598.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", - "https://github.com/ImageMagick/ImageMagick/issues/1540", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12974", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", - "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12974.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", - "https://github.com/ImageMagick/ImageMagick/issues/1515" - ] - }, - { - "VulnerabilityID": "CVE-2019-12975", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12975.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1517" - ] - }, - { - "VulnerabilityID": "CVE-2019-12976", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12976.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1520" - ] - }, - { - "VulnerabilityID": "CVE-2019-12977", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1518" - ] - }, - { - "VulnerabilityID": "CVE-2019-12978", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12978.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1519" - ] - }, - { - "VulnerabilityID": "CVE-2019-12979", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12979.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1522" - ] - }, - { - "VulnerabilityID": "CVE-2019-13135", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", - "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13135.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", - "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", - "https://github.com/ImageMagick/ImageMagick/issues/1599", - "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13137", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", - "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", - "https://github.com/ImageMagick/ImageMagick/issues/1601", - "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-13295", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13295.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", - "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", - "https://github.com/ImageMagick/ImageMagick/issues/1608", - "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13297", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13297.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", - "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", - "https://github.com/ImageMagick/ImageMagick/issues/1609", - "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13300", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13300.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", - "https://github.com/ImageMagick/ImageMagick/issues/1586", - "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" - ] - }, - { - "VulnerabilityID": "CVE-2019-13301", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks in AcquireMagickMemory", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13301.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", - "https://github.com/ImageMagick/ImageMagick/issues/1585", - "https://github.com/ImageMagick/ImageMagick/issues/1589" - ] - }, - { - "VulnerabilityID": "CVE-2019-13304", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13304.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", - "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", - "https://github.com/ImageMagick/ImageMagick/issues/1614", - "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13305", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13305.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", - "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", - "https://github.com/ImageMagick/ImageMagick/issues/1613", - "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13306", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13306.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", - "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", - "https://github.com/ImageMagick/ImageMagick/issues/1612", - "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13307", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13307.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", - "https://github.com/ImageMagick/ImageMagick/issues/1615", - "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" - ] - }, - { - "VulnerabilityID": "CVE-2019-13308", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", - "https://github.com/ImageMagick/ImageMagick/issues/1595", - "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" - ] - }, - { - "VulnerabilityID": "CVE-2019-13309", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13309.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13310", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13310.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13311", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13311.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", - "https://github.com/ImageMagick/ImageMagick/issues/1623", - "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" - ] - }, - { - "VulnerabilityID": "CVE-2019-13391", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", - "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", - "https://github.com/ImageMagick/ImageMagick/issues/1588", - "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" - ] - }, - { - "VulnerabilityID": "CVE-2019-13454", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", - "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13454.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "http://www.securityfocus.com/bid/109099", - "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", - "https://github.com/ImageMagick/ImageMagick/issues/1629", - "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" - ] - }, - { - "VulnerabilityID": "CVE-2019-14981", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", - "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-14981.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", - "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", - "https://github.com/ImageMagick/ImageMagick/issues/1552", - "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15139", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", - "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15139.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", - "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", - "https://github.com/ImageMagick/ImageMagick/issues/1553", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15140", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", - "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15140.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", - "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", - "https://github.com/ImageMagick/ImageMagick/issues/1554", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16708", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in magick/xwindow.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16708.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16709", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dps.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16709.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531" - ] - }, - { - "VulnerabilityID": "CVE-2019-16710", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16710.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1528", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16711", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", - "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16711.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1542", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16712", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16712.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1557" - ] - }, - { - "VulnerabilityID": "CVE-2019-16713", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16713.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1558", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19949", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19949.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", - "https://github.com/ImageMagick/ImageMagick/issues/1561", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-7175", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", - "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7175.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "https://github.com/ImageMagick/ImageMagick/issues/1450" - ] - }, - { - "VulnerabilityID": "CVE-2019-7395", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106850", - "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", - "https://github.com/ImageMagick/ImageMagick/issues/1451" - ] - }, - { - "VulnerabilityID": "CVE-2019-7396", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://www.securityfocus.com/bid/106849", - "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", - "https://github.com/ImageMagick/ImageMagick/issues/1452", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-7397", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", - "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", - "Severity": "MEDIUM", - "References": [ - "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", - "http://linux.oracle.com/cve/CVE-2019-7397.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106847", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", - "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", - "https://github.com/ImageMagick/ImageMagick/issues/1454" - ] - }, - { - "VulnerabilityID": "CVE-2019-7398", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7398.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106848", - "https://github.com/ImageMagick/ImageMagick/issues/1453" - ] - }, - { - "VulnerabilityID": "CVE-2020-10251", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", - "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/1859" - ] - }, - { - "VulnerabilityID": "CVE-2005-0406", - "PkgName": "imagemagick-6-common", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", - "Severity": "LOW", - "References": [ - "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", - "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" - ] - }, - { - "VulnerabilityID": "CVE-2018-15607", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: CPU Exhaustion via crafted input file", - "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-15607.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/105137", - "https://github.com/ImageMagick/ImageMagick/issues/1255", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11470", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in cineon parsing component", - "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11470.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", - "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", - "https://github.com/ImageMagick/ImageMagick/issues/1472", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19948", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19948.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", - "https://github.com/ImageMagick/ImageMagick/issues/1562", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2008-3134", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", - "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", - "http://secunia.com/advisories/30879", - "http://secunia.com/advisories/32151", - "http://sourceforge.net/forum/forum.php?forum_id=841176", - "http://sourceforge.net/project/shownotes.php?release_id=610253", - "http://www.securityfocus.com/bid/30055", - "http://www.securitytracker.com/id?1020413", - "http://www.vupen.com/english/advisories/2008/1984/references", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" - ] - }, - { - "VulnerabilityID": "CVE-2016-8678", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", - "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/16/2", - "http://www.openwall.com/lists/oss-security/2016/12/08/18", - "http://www.securityfocus.com/bid/93599", - "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", - "https://github.com/ImageMagick/ImageMagick/issues/272" - ] - }, - { - "VulnerabilityID": "CVE-2017-11754", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/633" - ] - }, - { - "VulnerabilityID": "CVE-2017-11755", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/634" - ] - }, - { - "VulnerabilityID": "CVE-2017-7275", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", - "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97166", - "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", - "https://github.com/ImageMagick/ImageMagick/issues/271" - ] - }, - { - "VulnerabilityID": "CVE-2019-10649", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", - "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107645", - "https://github.com/ImageMagick/ImageMagick/issues/1533", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11472", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", - "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11472.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://github.com/ImageMagick/ImageMagick/issues/1546", - "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11597", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11597.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", - "https://github.com/ImageMagick/ImageMagick/issues/1555", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-11598", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11598.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", - "https://github.com/ImageMagick/ImageMagick/issues/1540", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12974", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", - "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12974.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", - "https://github.com/ImageMagick/ImageMagick/issues/1515" - ] - }, - { - "VulnerabilityID": "CVE-2019-12975", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12975.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1517" - ] - }, - { - "VulnerabilityID": "CVE-2019-12976", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12976.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1520" - ] - }, - { - "VulnerabilityID": "CVE-2019-12977", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1518" - ] - }, - { - "VulnerabilityID": "CVE-2019-12978", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12978.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1519" - ] - }, - { - "VulnerabilityID": "CVE-2019-12979", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12979.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1522" - ] - }, - { - "VulnerabilityID": "CVE-2019-13135", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", - "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13135.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", - "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", - "https://github.com/ImageMagick/ImageMagick/issues/1599", - "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13137", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", - "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", - "https://github.com/ImageMagick/ImageMagick/issues/1601", - "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-13295", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13295.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", - "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", - "https://github.com/ImageMagick/ImageMagick/issues/1608", - "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13297", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13297.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", - "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", - "https://github.com/ImageMagick/ImageMagick/issues/1609", - "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13300", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13300.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", - "https://github.com/ImageMagick/ImageMagick/issues/1586", - "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" - ] - }, - { - "VulnerabilityID": "CVE-2019-13301", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks in AcquireMagickMemory", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13301.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", - "https://github.com/ImageMagick/ImageMagick/issues/1585", - "https://github.com/ImageMagick/ImageMagick/issues/1589" - ] - }, - { - "VulnerabilityID": "CVE-2019-13304", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13304.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", - "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", - "https://github.com/ImageMagick/ImageMagick/issues/1614", - "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13305", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13305.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", - "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", - "https://github.com/ImageMagick/ImageMagick/issues/1613", - "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13306", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13306.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", - "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", - "https://github.com/ImageMagick/ImageMagick/issues/1612", - "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13307", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13307.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", - "https://github.com/ImageMagick/ImageMagick/issues/1615", - "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" - ] - }, - { - "VulnerabilityID": "CVE-2019-13308", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", - "https://github.com/ImageMagick/ImageMagick/issues/1595", - "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" - ] - }, - { - "VulnerabilityID": "CVE-2019-13309", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13309.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13310", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13310.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13311", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13311.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", - "https://github.com/ImageMagick/ImageMagick/issues/1623", - "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" - ] - }, - { - "VulnerabilityID": "CVE-2019-13391", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", - "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", - "https://github.com/ImageMagick/ImageMagick/issues/1588", - "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" - ] - }, - { - "VulnerabilityID": "CVE-2019-13454", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", - "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13454.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "http://www.securityfocus.com/bid/109099", - "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", - "https://github.com/ImageMagick/ImageMagick/issues/1629", - "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" - ] - }, - { - "VulnerabilityID": "CVE-2019-14981", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", - "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-14981.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", - "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", - "https://github.com/ImageMagick/ImageMagick/issues/1552", - "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15139", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", - "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15139.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", - "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", - "https://github.com/ImageMagick/ImageMagick/issues/1553", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15140", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", - "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15140.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", - "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", - "https://github.com/ImageMagick/ImageMagick/issues/1554", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16708", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in magick/xwindow.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16708.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16709", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dps.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16709.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531" - ] - }, - { - "VulnerabilityID": "CVE-2019-16710", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16710.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1528", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16711", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", - "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16711.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1542", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16712", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16712.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1557" - ] - }, - { - "VulnerabilityID": "CVE-2019-16713", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16713.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1558", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19949", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19949.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", - "https://github.com/ImageMagick/ImageMagick/issues/1561", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-7175", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", - "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7175.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "https://github.com/ImageMagick/ImageMagick/issues/1450" - ] - }, - { - "VulnerabilityID": "CVE-2019-7395", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106850", - "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", - "https://github.com/ImageMagick/ImageMagick/issues/1451" - ] - }, - { - "VulnerabilityID": "CVE-2019-7396", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://www.securityfocus.com/bid/106849", - "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", - "https://github.com/ImageMagick/ImageMagick/issues/1452", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-7397", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", - "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", - "Severity": "MEDIUM", - "References": [ - "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", - "http://linux.oracle.com/cve/CVE-2019-7397.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106847", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", - "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", - "https://github.com/ImageMagick/ImageMagick/issues/1454" - ] - }, - { - "VulnerabilityID": "CVE-2019-7398", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7398.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106848", - "https://github.com/ImageMagick/ImageMagick/issues/1453" - ] - }, - { - "VulnerabilityID": "CVE-2020-10251", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", - "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/1859" - ] - }, - { - "VulnerabilityID": "CVE-2005-0406", - "PkgName": "imagemagick-6.q16", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", - "Severity": "LOW", - "References": [ - "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", - "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" - ] - }, - { - "VulnerabilityID": "CVE-2016-1585", - "PkgName": "libapparmor1", - "InstalledVersion": "2.13.2-10", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "In all versions of AppArmor mount rules are accidentally widened when compiled.", - "Severity": "HIGH", - "References": [ - "https://bugs.launchpad.net/apparmor/+bug/1597017" - ] - }, - { - "VulnerabilityID": "CVE-2011-3374", - "PkgName": "libapt-pkg5.0", - "InstalledVersion": "1.8.2", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", - "Severity": "MEDIUM", - "References": [ - "https://access.redhat.com/security/cve/cve-2011-3374", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", - "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", - "https://security-tracker.debian.org/tracker/CVE-2011-3374", - "https://snyk.io/vuln/SNYK-LINUX-APT-116518" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libasan5", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libasan5", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libatomic1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libatomic1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2017-6519", - "PkgName": "libavahi-client3", - "InstalledVersion": "0.7-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", - "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2017-6519.html", - "http://linux.oracle.com/errata/ELSA-2020-1176.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", - "https://github.com/lathiat/avahi/issues/203", - "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", - "https://usn.ubuntu.com/3876-1/", - "https://usn.ubuntu.com/3876-2/", - "https://www.kb.cert.org/vuls/id/550620", - "https://www.secfu.net/advisories" - ] - }, - { - "VulnerabilityID": "CVE-2017-6519", - "PkgName": "libavahi-common-data", - "InstalledVersion": "0.7-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", - "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2017-6519.html", - "http://linux.oracle.com/errata/ELSA-2020-1176.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", - "https://github.com/lathiat/avahi/issues/203", - "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", - "https://usn.ubuntu.com/3876-1/", - "https://usn.ubuntu.com/3876-2/", - "https://www.kb.cert.org/vuls/id/550620", - "https://www.secfu.net/advisories" - ] - }, - { - "VulnerabilityID": "CVE-2017-6519", - "PkgName": "libavahi-common3", - "InstalledVersion": "0.7-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", - "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2017-6519.html", - "http://linux.oracle.com/errata/ELSA-2020-1176.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", - "https://github.com/lathiat/avahi/issues/203", - "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", - "https://usn.ubuntu.com/3876-1/", - "https://usn.ubuntu.com/3876-2/", - "https://www.kb.cert.org/vuls/id/550620", - "https://www.secfu.net/advisories" - ] - }, - { - "VulnerabilityID": "CVE-2017-13716", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", - "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" - ] - }, - { - "VulnerabilityID": "CVE-2018-12699", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", - "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", - "Severity": "HIGH", - "References": [ - "http://www.securityfocus.com/bid/104540", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000876", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", - "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-1000876.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/106304", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" - ] - }, - { - "VulnerabilityID": "CVE-2018-12697", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", - "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-12697.html", - "http://linux.oracle.com/errata/ELSA-2019-2075.html", - "http://www.securityfocus.com/bid/104538", - "https://access.redhat.com/errata/RHSA-2019:2075", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12698", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", - "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104539", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12700", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", - "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104541", - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" - ] - }, - { - "VulnerabilityID": "CVE-2018-12934", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", - "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17358", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17359", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" - ] - }, - { - "VulnerabilityID": "CVE-2018-17360", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" - ] - }, - { - "VulnerabilityID": "CVE-2018-17794", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-17985", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" - ] - }, - { - "VulnerabilityID": "CVE-2018-18309", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105692", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" - ] - }, - { - "VulnerabilityID": "CVE-2018-18483", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", - "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105689", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" - ] - }, - { - "VulnerabilityID": "CVE-2018-18484", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105693", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" - ] - }, - { - "VulnerabilityID": "CVE-2018-18605", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", - "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" - ] - }, - { - "VulnerabilityID": "CVE-2018-18606", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", - "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" - ] - }, - { - "VulnerabilityID": "CVE-2018-18607", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", - "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/105754", - "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", - "https://security.netapp.com/advisory/ntap-20190307-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" - ] - }, - { - "VulnerabilityID": "CVE-2018-18700", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-18701", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", - "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-19931", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" - ] - }, - { - "VulnerabilityID": "CVE-2018-19932", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106144", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" - ] - }, - { - "VulnerabilityID": "CVE-2018-20002", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", - "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106142", - "https://security.gentoo.org/glsa/201908-01", - "https://security.netapp.com/advisory/ntap-20190221-0004/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", - "https://support.f5.com/csp/article/K62602089" - ] - }, - { - "VulnerabilityID": "CVE-2018-20623", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Use-after-free in the error function", - "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106370", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20651", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", - "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106440", - "https://security.gentoo.org/glsa/201908-01", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-20671", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Integer overflow in load_specific_debug_section function", - "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/106457", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" - ] - }, - { - "VulnerabilityID": "CVE-2018-20673", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: Integer overflow in demangle_template() function", - "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106454", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" - ] - }, - { - "VulnerabilityID": "CVE-2018-20712", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libiberty: heap-based buffer over-read in d_expression_1", - "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106563", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", - "https://support.f5.com/csp/article/K38336243" - ] - }, - { - "VulnerabilityID": "CVE-2018-9138", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", - "https://usn.ubuntu.com/4326-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-9996", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", - "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/103733", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010180", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", - "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", - "http://www.securityfocus.com/bid/109367", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010204", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", - "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0001/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" - ] - }, - { - "VulnerabilityID": "CVE-2019-12972", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108903", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" - ] - }, - { - "VulnerabilityID": "CVE-2019-14250", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109354", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", - "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", - "https://security.netapp.com/advisory/ntap-20190822-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-14444", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow in function apply_relocation in readelf.c", - "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190822-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" - ] - }, - { - "VulnerabilityID": "CVE-2019-17450", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: denial of service via crafted ELF file", - "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" - ] - }, - { - "VulnerabilityID": "CVE-2019-17451", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20191024-0002/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", - "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" - ] - }, - { - "VulnerabilityID": "CVE-2019-9070", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", - "https://support.f5.com/csp/article/K13534168" - ] - }, - { - "VulnerabilityID": "CVE-2019-9071", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", - "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107147", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", - "https://support.f5.com/csp/article/K02884135" - ] - }, - { - "VulnerabilityID": "CVE-2019-9073", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", - "https://support.f5.com/csp/article/K37121474" - ] - }, - { - "VulnerabilityID": "CVE-2019-9074", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", - "https://support.f5.com/csp/article/K09092524" - ] - }, - { - "VulnerabilityID": "CVE-2019-9075", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", - "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", - "https://support.f5.com/csp/article/K42059040" - ] - }, - { - "VulnerabilityID": "CVE-2019-9077", - "PkgName": "libbinutils", - "InstalledVersion": "2.31.1-16", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", - "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107139", - "https://security.netapp.com/advisory/ntap-20190314-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", - "https://support.f5.com/csp/article/K00056379" - ] - }, - { - "VulnerabilityID": "CVE-2019-20367", - "PkgName": "libbsd0", - "InstalledVersion": "0.9.1-2", - "Layer": { - "Digest": "sha256:dcf4d822b25e881858974ef05d5237438ea75e79629228030993e01d8685cf3a", - "DiffID": "sha256:aabbe8e7814eee19746f5888f3909b5bf6961801bede1448d41519cd1344b78a" - }, - "Description": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).", - "Severity": "MEDIUM", - "References": [ - "https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b", - "https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html", - "https://usn.ubuntu.com/4243-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010022", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: stack guard protection bypass", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" - ] - }, - { - "VulnerabilityID": "CVE-2020-1752", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: use-after-free in glob() function when expanding ~user", - "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", - "Severity": "HIGH" - }, - { - "VulnerabilityID": "CVE-2010-4051", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4052", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4756", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223" - ] - }, - { - "VulnerabilityID": "CVE-2016-10228", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: iconv program can hang when invoked with the -c option", - "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "Severity": "MEDIUM", - "References": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" - ] - }, - { - "VulnerabilityID": "CVE-2018-20796", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107160", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010023", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109167", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010024", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: ASLR bypass using cache of thread stack and heap", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109162", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010025", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: information disclosure of heap addresses of pthread_created thread", - "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" - ] - }, - { - "VulnerabilityID": "CVE-2019-9192", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2020-1751", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: array overflow in backtrace functions for powerpc", - "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" - ] - }, - { - "VulnerabilityID": "CVE-2020-6096", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", - "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" - ] - }, - { - "VulnerabilityID": "CVE-2019-19126", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "Severity": "LOW", - "References": [ - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" - ] - }, - { - "VulnerabilityID": "CVE-2020-10029", - "PkgName": "libc-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010022", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: stack guard protection bypass", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" - ] - }, - { - "VulnerabilityID": "CVE-2020-1752", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: use-after-free in glob() function when expanding ~user", - "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", - "Severity": "HIGH" - }, - { - "VulnerabilityID": "CVE-2010-4051", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4052", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4756", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223" - ] - }, - { - "VulnerabilityID": "CVE-2016-10228", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: iconv program can hang when invoked with the -c option", - "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "Severity": "MEDIUM", - "References": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" - ] - }, - { - "VulnerabilityID": "CVE-2018-20796", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107160", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010023", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109167", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010024", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: ASLR bypass using cache of thread stack and heap", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109162", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010025", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: information disclosure of heap addresses of pthread_created thread", - "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" - ] - }, - { - "VulnerabilityID": "CVE-2019-9192", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2020-1751", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: array overflow in backtrace functions for powerpc", - "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" - ] - }, - { - "VulnerabilityID": "CVE-2020-6096", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", - "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" - ] - }, - { - "VulnerabilityID": "CVE-2019-19126", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "Severity": "LOW", - "References": [ - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" - ] - }, - { - "VulnerabilityID": "CVE-2020-10029", - "PkgName": "libc-dev-bin", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010022", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: stack guard protection bypass", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" - ] - }, - { - "VulnerabilityID": "CVE-2020-1752", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: use-after-free in glob() function when expanding ~user", - "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", - "Severity": "HIGH" - }, - { - "VulnerabilityID": "CVE-2010-4051", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4052", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4756", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223" - ] - }, - { - "VulnerabilityID": "CVE-2016-10228", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: iconv program can hang when invoked with the -c option", - "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "Severity": "MEDIUM", - "References": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" - ] - }, - { - "VulnerabilityID": "CVE-2018-20796", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107160", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010023", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109167", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010024", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: ASLR bypass using cache of thread stack and heap", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109162", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010025", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: information disclosure of heap addresses of pthread_created thread", - "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" - ] - }, - { - "VulnerabilityID": "CVE-2019-9192", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2020-1751", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: array overflow in backtrace functions for powerpc", - "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" - ] - }, - { - "VulnerabilityID": "CVE-2020-6096", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", - "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" - ] - }, - { - "VulnerabilityID": "CVE-2019-19126", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "Severity": "LOW", - "References": [ - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" - ] - }, - { - "VulnerabilityID": "CVE-2020-10029", - "PkgName": "libc6", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010022", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: stack guard protection bypass", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", - "Severity": "HIGH", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" - ] - }, - { - "VulnerabilityID": "CVE-2020-1752", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: use-after-free in glob() function when expanding ~user", - "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", - "Severity": "HIGH" - }, - { - "VulnerabilityID": "CVE-2010-4051", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4052", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", - "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/proftpd.gnu.c", - "http://seclists.org/fulldisclosure/2011/Jan/78", - "http://secunia.com/advisories/42547", - "http://securityreason.com/achievement_securityalert/93", - "http://securityreason.com/securityalert/8003", - "http://securitytracker.com/id?1024832", - "http://www.exploit-db.com/exploits/15935", - "http://www.kb.cert.org/vuls/id/912279", - "http://www.securityfocus.com/archive/1/515589/100/0/threaded", - "http://www.securityfocus.com/bid/45233", - "https://bugzilla.redhat.com/show_bug.cgi?id=645859" - ] - }, - { - "VulnerabilityID": "CVE-2010-4756", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", - "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", - "Severity": "MEDIUM", - "References": [ - "http://cxib.net/stuff/glob-0day.c", - "http://securityreason.com/achievement_securityalert/89", - "http://securityreason.com/exploitalert/9223" - ] - }, - { - "VulnerabilityID": "CVE-2016-10228", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: iconv program can hang when invoked with the -c option", - "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", - "Severity": "MEDIUM", - "References": [ - "http://openwall.com/lists/oss-security/2017/03/01/10", - "http://www.securityfocus.com/bid/96525", - "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" - ] - }, - { - "VulnerabilityID": "CVE-2018-20796", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107160", - "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", - "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", - "https://security.netapp.com/advisory/ntap-20190315-0002/", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010023", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", - "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109167", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", - "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010024", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: ASLR bypass using cache of thread stack and heap", - "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/109162", - "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", - "https://support.f5.com/csp/article/K06046097" - ] - }, - { - "VulnerabilityID": "CVE-2019-1010025", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: information disclosure of heap addresses of pthread_created thread", - "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" - ] - }, - { - "VulnerabilityID": "CVE-2019-9192", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", - "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2020-1751", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: array overflow in backtrace functions for powerpc", - "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" - ] - }, - { - "VulnerabilityID": "CVE-2020-6096", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", - "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", - "Severity": "MEDIUM", - "References": [ - "https://sourceware.org/bugzilla/attachment.cgi?id=12334", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" - ] - }, - { - "VulnerabilityID": "CVE-2019-19126", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", - "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", - "Severity": "LOW", - "References": [ - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" - ] - }, - { - "VulnerabilityID": "CVE-2020-10029", - "PkgName": "libc6-dev", - "InstalledVersion": "2.28-10", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", - "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", - "https://security.netapp.com/advisory/ntap-20200327-0003/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", - "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" - ] - }, - { - "VulnerabilityID": "CVE-2017-7475", - "PkgName": "libcairo-gobject2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: NULL pointer dereference with a crafted font file", - "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", - "Severity": "MEDIUM", - "References": [ - "http://seclists.org/oss-sec/2017/q2/151", - "https://bugs.freedesktop.org/show_bug.cgi?id=100763", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475" - ] - }, - { - "VulnerabilityID": "CVE-2017-9814", - "PkgName": "libcairo-gobject2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", - "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.freedesktop.org/show_bug.cgi?id=101547", - "https://security.gentoo.org/glsa/201904-01" - ] - }, - { - "VulnerabilityID": "CVE-2018-18064", - "PkgName": "libcairo-gobject2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", - "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", - "Severity": "MEDIUM", - "References": [ - "https://gitlab.freedesktop.org/cairo/cairo/issues/341" - ] - }, - { - "VulnerabilityID": "CVE-2019-6461", - "PkgName": "libcairo-gobject2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", - "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", - "https://gitlab.freedesktop.org/cairo/cairo/issues/352" - ] - }, - { - "VulnerabilityID": "CVE-2019-6462", - "PkgName": "libcairo-gobject2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", - "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", - "https://gitlab.freedesktop.org/cairo/cairo/issues/353" - ] - }, - { - "VulnerabilityID": "CVE-2017-7475", - "PkgName": "libcairo2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: NULL pointer dereference with a crafted font file", - "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", - "Severity": "MEDIUM", - "References": [ - "http://seclists.org/oss-sec/2017/q2/151", - "https://bugs.freedesktop.org/show_bug.cgi?id=100763", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475" - ] - }, - { - "VulnerabilityID": "CVE-2017-9814", - "PkgName": "libcairo2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", - "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.freedesktop.org/show_bug.cgi?id=101547", - "https://security.gentoo.org/glsa/201904-01" - ] - }, - { - "VulnerabilityID": "CVE-2018-18064", - "PkgName": "libcairo2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", - "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", - "Severity": "MEDIUM", - "References": [ - "https://gitlab.freedesktop.org/cairo/cairo/issues/341" - ] - }, - { - "VulnerabilityID": "CVE-2019-6461", - "PkgName": "libcairo2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", - "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", - "https://gitlab.freedesktop.org/cairo/cairo/issues/352" - ] - }, - { - "VulnerabilityID": "CVE-2019-6462", - "PkgName": "libcairo2", - "InstalledVersion": "1.16.0-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", - "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", - "https://gitlab.freedesktop.org/cairo/cairo/issues/353" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libcc1-0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libcc1-0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2017-8871", - "PkgName": "libcroco3", - "InstalledVersion": "0.6.12-3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libcroco: Infinite loop in the cr_parser_parse_selector_core function", - "Description": "The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", - "https://bugzilla.gnome.org/show_bug.cgi?id=782649", - "https://www.exploit-db.com/exploits/42147/" - ] - }, - { - "VulnerabilityID": "CVE-2017-8834", - "PkgName": "libcroco3", - "InstalledVersion": "0.6.12-3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libcroco: Memory allocation failure in the cr_tknzr_parse_comment function", - "Description": "The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", - "https://bugzilla.gnome.org/show_bug.cgi?id=782647", - "https://www.exploit-db.com/exploits/42147/" - ] - }, - { - "VulnerabilityID": "CVE-2014-8166", - "PkgName": "libcups2", - "InstalledVersion": "2.2.10-6+deb10u2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cups: code execution via unescape ANSI escape sequences", - "Description": "The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2015/03/24/15", - "http://www.openwall.com/lists/oss-security/2015/03/24/2", - "http://www.securityfocus.com/bid/73300", - "https://bugzilla.redhat.com/show_bug.cgi?id=1084577" - ] - }, - { - "VulnerabilityID": "CVE-2020-3898", - "PkgName": "libcups2", - "InstalledVersion": "2.2.10-6+deb10u2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c", - "Description": "No description is available for this CVE.", - "Severity": "MEDIUM" - }, - { - "VulnerabilityID": "CVE-2019-8842", - "PkgName": "libcups2", - "InstalledVersion": "2.2.10-6+deb10u2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Severity": "UNKNOWN" - }, - { - "VulnerabilityID": "CVE-2013-0340", - "PkgName": "libexpat1", - "InstalledVersion": "2.2.6-2+deb10u1", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "expat: internal entity expansion", - "Description": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.", - "Severity": "MEDIUM", - "References": [ - "http://openwall.com/lists/oss-security/2013/02/22/3", - "http://securitytracker.com/id?1028213", - "http://www.openwall.com/lists/oss-security/2013/04/12/6", - "http://www.osvdb.org/90634", - "http://www.securityfocus.com/bid/58233", - "https://security.gentoo.org/glsa/201701-21" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libgcc-8-dev", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libgcc-8-dev", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libgcc1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libgcc1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-6829", - "PkgName": "libgcrypt20", - "InstalledVersion": "1.8.4-5", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", - "Description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", - "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", - "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", - "https://www.oracle.com/security-alerts/cpujan2020.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12904", - "PkgName": "libgcrypt20", - "InstalledVersion": "1.8.4-5", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack", - "Description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html", - "https://dev.gnupg.org/T4541", - "https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020", - "https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762", - "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13627", - "PkgName": "libgcrypt20", - "InstalledVersion": "1.8.4-5", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "libgcrypt: ECDSA timing attack in the libgcrypt20 cryptographic library", - "Description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", - "http://www.openwall.com/lists/oss-security/2019/10/02/2", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", - "https://dev.gnupg.org/T4683", - "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", - "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", - "https://minerva.crocs.fi.muni.cz/", - "https://security-tracker.debian.org/tracker/CVE-2019-13627", - "https://security.gentoo.org/glsa/202003-32", - "https://usn.ubuntu.com/4236-1/", - "https://usn.ubuntu.com/4236-2/", - "https://usn.ubuntu.com/4236-3/" - ] - }, - { - "VulnerabilityID": "CVE-2012-0039", - "PkgName": "libglib2.0-0", - "InstalledVersion": "2.58.3-2+deb10u2", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "glib2: hash table collisions CPU usage DoS", - "Description": "** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.", - "Severity": "MEDIUM", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655044", - "http://mail.gnome.org/archives/gtk-devel-list/2003-May/msg00111.html", - "http://openwall.com/lists/oss-security/2012/01/10/12", - "https://bugzilla.redhat.com/show_bug.cgi?id=772720" - ] - }, - { - "VulnerabilityID": "CVE-2011-3389", - "PkgName": "libgnutls30", - "InstalledVersion": "3.6.7-4+deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", - "Description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", - "Severity": "MEDIUM", - "References": [ - "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", - "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", - "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", - "http://curl.haxx.se/docs/adv_20120124B.html", - "http://downloads.asterisk.org/pub/security/AST-2016-001.html", - "http://ekoparty.org/2011/juliano-rizzo.php", - "http://eprint.iacr.org/2004/111", - "http://eprint.iacr.org/2006/136", - "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", - "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", - "http://linux.oracle.com/cve/CVE-2011-3389.html", - "http://linux.oracle.com/errata/ELSA-2011-1380.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", - "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", - "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", - "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", - "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", - "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", - "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", - "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=132872385320240\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2", - "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", - "http://osvdb.org/74829", - "http://rhn.redhat.com/errata/RHSA-2012-0508.html", - "http://rhn.redhat.com/errata/RHSA-2013-1455.html", - "http://secunia.com/advisories/45791", - "http://secunia.com/advisories/47998", - "http://secunia.com/advisories/48256", - "http://secunia.com/advisories/48692", - "http://secunia.com/advisories/48915", - "http://secunia.com/advisories/48948", - "http://secunia.com/advisories/49198", - "http://secunia.com/advisories/55322", - "http://secunia.com/advisories/55350", - "http://secunia.com/advisories/55351", - "http://security.gentoo.org/glsa/glsa-201203-02.xml", - "http://security.gentoo.org/glsa/glsa-201406-32.xml", - "http://support.apple.com/kb/HT4999", - "http://support.apple.com/kb/HT5001", - "http://support.apple.com/kb/HT5130", - "http://support.apple.com/kb/HT5281", - "http://support.apple.com/kb/HT5501", - "http://support.apple.com/kb/HT6150", - "http://technet.microsoft.com/security/advisory/2588513", - "http://vnhacker.blogspot.com/2011/09/beast.html", - "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", - "http://www.debian.org/security/2012/dsa-2398", - "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", - "http://www.ibm.com/developerworks/java/jdk/alerts/", - "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", - "http://www.insecure.cl/Beast-SSL.rar", - "http://www.kb.cert.org/vuls/id/864643", - "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", - "http://www.opera.com/docs/changelogs/mac/1151/", - "http://www.opera.com/docs/changelogs/mac/1160/", - "http://www.opera.com/docs/changelogs/unix/1151/", - "http://www.opera.com/docs/changelogs/unix/1160/", - "http://www.opera.com/docs/changelogs/windows/1151/", - "http://www.opera.com/docs/changelogs/windows/1160/", - "http://www.opera.com/support/kb/view/1004/", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "http://www.redhat.com/support/errata/RHSA-2011-1384.html", - "http://www.redhat.com/support/errata/RHSA-2012-0006.html", - "http://www.securityfocus.com/bid/49388", - "http://www.securityfocus.com/bid/49778", - "http://www.securitytracker.com/id/1029190", - "http://www.securitytracker.com/id?1025997", - "http://www.securitytracker.com/id?1026103", - "http://www.securitytracker.com/id?1026704", - "http://www.ubuntu.com/usn/USN-1263-1", - "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", - "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", - "https://bugzilla.novell.com/show_bug.cgi?id=719047", - "https://bugzilla.redhat.com/show_bug.cgi?id=737506", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", - "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", - "https://hermes.opensuse.org/messages/13154861", - "https://hermes.opensuse.org/messages/13155432", - "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libgomp1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libgomp1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-5709", - "PkgName": "libgssapi-krb5-2", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", - "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" - ] - }, - { - "VulnerabilityID": "CVE-2004-0971", - "PkgName": "libgssapi-krb5-2", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "security flaw", - "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", - "Severity": "LOW", - "References": [ - "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", - "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", - "http://www.redhat.com/support/errata/RHSA-2005-012.html", - "http://www.securityfocus.com/bid/11289", - "http://www.trustix.org/errata/2004/0050", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" - ] - }, - { - "VulnerabilityID": "CVE-2019-12290", - "PkgName": "libidn2-0", - "InstalledVersion": "2.0.5-1+deb10u1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", - "Severity": "MEDIUM", - "References": [ - "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", - "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", - "https://gitlab.com/libidn/libidn2/merge_requests/71", - "https://usn.ubuntu.com/4168-1/" - ] - }, - { - "VulnerabilityID": "CVE-2012-2663", - "PkgName": "libip4tc0", - "InstalledVersion": "1.8.2-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "iptables: --syn flag bypass", - "Description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", - "Severity": "HIGH", - "References": [ - "http://www.spinics.net/lists/netfilter-devel/msg21248.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=826702" - ] - }, - { - "VulnerabilityID": "CVE-2019-11360", - "PkgName": "libip4tc0", - "InstalledVersion": "1.8.2-4", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", - "Severity": "MEDIUM", - "References": [ - "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", - "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libitm1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libitm1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2017-9937", - "PkgName": "libjbig0", - "InstalledVersion": "2.1-3.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: memory malloc failure in tif_jbig.c could cause DOS.", - "Description": "In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.", - "Severity": "MEDIUM", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2707", - "http://www.securityfocus.com/bid/99304" - ] - }, - { - "VulnerabilityID": "CVE-2019-2201", - "PkgName": "libjpeg62-turbo", - "InstalledVersion": "1:1.5.2-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images", - "Description": "In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338", - "Severity": "CRITICAL", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/", - "https://source.android.com/security/bulletin/2019-11-01", - "https://usn.ubuntu.com/4190-1/" - ] - }, - { - "VulnerabilityID": "CVE-2017-15232", - "PkgName": "libjpeg62-turbo", - "InstalledVersion": "1:1.5.2-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c", - "Description": "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182", - "https://github.com/mozilla/mozjpeg/issues/268", - "https://usn.ubuntu.com/3706-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-1152", - "PkgName": "libjpeg62-turbo", - "InstalledVersion": "1:1.5.2-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image", - "Description": "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", - "http://www.securityfocus.com/bid/104543", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1152", - "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6", - "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html", - "https://usn.ubuntu.com/3706-1/", - "https://usn.ubuntu.com/3706-2/", - "https://www.tenable.com/security/research/tra-2018-17" - ] - }, - { - "VulnerabilityID": "CVE-2018-14498", - "PkgName": "libjpeg62-turbo", - "InstalledVersion": "1:1.5.2-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service", - "Description": "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-14498.html", - "http://linux.oracle.com/errata/ELSA-2019-3705.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14498", - "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55", - "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258", - "https://github.com/mozilla/mozjpeg/issues/299", - "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/" - ] - }, - { - "VulnerabilityID": "TEMP-0772585-D41D8C", - "PkgName": "libjson-glib-1.0-0", - "InstalledVersion": "1.4.4-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "TEMP-0772585-D41D8C", - "PkgName": "libjson-glib-1.0-common", - "InstalledVersion": "1.4.4-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2018-5709", - "PkgName": "libk5crypto3", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", - "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" - ] - }, - { - "VulnerabilityID": "CVE-2004-0971", - "PkgName": "libk5crypto3", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "security flaw", - "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", - "Severity": "LOW", - "References": [ - "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", - "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", - "http://www.redhat.com/support/errata/RHSA-2005-012.html", - "http://www.securityfocus.com/bid/11289", - "http://www.trustix.org/errata/2004/0050", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" - ] - }, - { - "VulnerabilityID": "CVE-2018-5709", - "PkgName": "libkrb5-3", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", - "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" - ] - }, - { - "VulnerabilityID": "CVE-2004-0971", - "PkgName": "libkrb5-3", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "security flaw", - "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", - "Severity": "LOW", - "References": [ - "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", - "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", - "http://www.redhat.com/support/errata/RHSA-2005-012.html", - "http://www.securityfocus.com/bid/11289", - "http://www.trustix.org/errata/2004/0050", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" - ] - }, - { - "VulnerabilityID": "CVE-2018-5709", - "PkgName": "libkrb5support0", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", - "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" - ] - }, - { - "VulnerabilityID": "CVE-2004-0971", - "PkgName": "libkrb5support0", - "InstalledVersion": "1.17-3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "security flaw", - "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", - "Severity": "LOW", - "References": [ - "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", - "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", - "http://www.redhat.com/support/errata/RHSA-2005-012.html", - "http://www.securityfocus.com/bid/11289", - "http://www.trustix.org/errata/2004/0050", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" - ] - }, - { - "VulnerabilityID": "CVE-2015-3276", - "PkgName": "libldap-2.4-2", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", - "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2015-3276.html", - "http://linux.oracle.com/errata/ELSA-2015-2131.html", - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322" - ] - }, - { - "VulnerabilityID": "CVE-2017-17740", - "PkgName": "libldap-2.4-2", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", - "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759" - ] - }, - { - "VulnerabilityID": "CVE-2017-14159", - "PkgName": "libldap-2.4-2", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: Privilege escalation via PID file manipulation", - "Description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command, as demonstrated by openldap-initscript.", - "Severity": "LOW", - "References": [ - "http://www.openldap.org/its/index.cgi?findid=8703" - ] - }, - { - "VulnerabilityID": "CVE-2015-3276", - "PkgName": "libldap-common", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", - "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2015-3276.html", - "http://linux.oracle.com/errata/ELSA-2015-2131.html", - "http://rhn.redhat.com/errata/RHSA-2015-2131.html", - "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "http://www.securitytracker.com/id/1034221", - "https://bugzilla.redhat.com/show_bug.cgi?id=1238322" - ] - }, - { - "VulnerabilityID": "CVE-2017-17740", - "PkgName": "libldap-common", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", - "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", - "http://www.openldap.org/its/index.cgi/Incoming?id=8759" - ] - }, - { - "VulnerabilityID": "CVE-2017-14159", - "PkgName": "libldap-common", - "InstalledVersion": "2.4.47+dfsg-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openldap: Privilege escalation via PID file manipulation", - "Description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command, as demonstrated by openldap-initscript.", - "Severity": "LOW", - "References": [ - "http://www.openldap.org/its/index.cgi?findid=8703" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "liblsan0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "liblsan0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2019-17543", - "PkgName": "liblz4-1", - "InstalledVersion": "1.8.3-1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "lz4: heap-based buffer overflow in LZ4_write32", - "Description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", - "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", - "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", - "https://github.com/lz4/lz4/issues/801", - "https://github.com/lz4/lz4/pull/756", - "https://github.com/lz4/lz4/pull/760", - "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", - "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E" - ] - }, - { - "VulnerabilityID": "CVE-2018-15607", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: CPU Exhaustion via crafted input file", - "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-15607.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/105137", - "https://github.com/ImageMagick/ImageMagick/issues/1255", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11470", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in cineon parsing component", - "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11470.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", - "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", - "https://github.com/ImageMagick/ImageMagick/issues/1472", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19948", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19948.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", - "https://github.com/ImageMagick/ImageMagick/issues/1562", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2008-3134", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", - "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", - "http://secunia.com/advisories/30879", - "http://secunia.com/advisories/32151", - "http://sourceforge.net/forum/forum.php?forum_id=841176", - "http://sourceforge.net/project/shownotes.php?release_id=610253", - "http://www.securityfocus.com/bid/30055", - "http://www.securitytracker.com/id?1020413", - "http://www.vupen.com/english/advisories/2008/1984/references", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" - ] - }, - { - "VulnerabilityID": "CVE-2016-8678", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", - "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/16/2", - "http://www.openwall.com/lists/oss-security/2016/12/08/18", - "http://www.securityfocus.com/bid/93599", - "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", - "https://github.com/ImageMagick/ImageMagick/issues/272" - ] - }, - { - "VulnerabilityID": "CVE-2017-11754", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/633" - ] - }, - { - "VulnerabilityID": "CVE-2017-11755", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/634" - ] - }, - { - "VulnerabilityID": "CVE-2017-7275", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", - "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97166", - "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", - "https://github.com/ImageMagick/ImageMagick/issues/271" - ] - }, - { - "VulnerabilityID": "CVE-2019-10649", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", - "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107645", - "https://github.com/ImageMagick/ImageMagick/issues/1533", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11472", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", - "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11472.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://github.com/ImageMagick/ImageMagick/issues/1546", - "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11597", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11597.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", - "https://github.com/ImageMagick/ImageMagick/issues/1555", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-11598", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11598.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", - "https://github.com/ImageMagick/ImageMagick/issues/1540", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12974", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", - "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12974.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", - "https://github.com/ImageMagick/ImageMagick/issues/1515" - ] - }, - { - "VulnerabilityID": "CVE-2019-12975", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12975.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1517" - ] - }, - { - "VulnerabilityID": "CVE-2019-12976", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12976.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1520" - ] - }, - { - "VulnerabilityID": "CVE-2019-12977", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1518" - ] - }, - { - "VulnerabilityID": "CVE-2019-12978", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12978.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1519" - ] - }, - { - "VulnerabilityID": "CVE-2019-12979", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12979.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1522" - ] - }, - { - "VulnerabilityID": "CVE-2019-13135", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", - "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13135.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", - "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", - "https://github.com/ImageMagick/ImageMagick/issues/1599", - "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13137", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", - "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", - "https://github.com/ImageMagick/ImageMagick/issues/1601", - "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-13295", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13295.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", - "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", - "https://github.com/ImageMagick/ImageMagick/issues/1608", - "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13297", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13297.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", - "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", - "https://github.com/ImageMagick/ImageMagick/issues/1609", - "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13300", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13300.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", - "https://github.com/ImageMagick/ImageMagick/issues/1586", - "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" - ] - }, - { - "VulnerabilityID": "CVE-2019-13301", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks in AcquireMagickMemory", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13301.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", - "https://github.com/ImageMagick/ImageMagick/issues/1585", - "https://github.com/ImageMagick/ImageMagick/issues/1589" - ] - }, - { - "VulnerabilityID": "CVE-2019-13304", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13304.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", - "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", - "https://github.com/ImageMagick/ImageMagick/issues/1614", - "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13305", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13305.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", - "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", - "https://github.com/ImageMagick/ImageMagick/issues/1613", - "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13306", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13306.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", - "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", - "https://github.com/ImageMagick/ImageMagick/issues/1612", - "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13307", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13307.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", - "https://github.com/ImageMagick/ImageMagick/issues/1615", - "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" - ] - }, - { - "VulnerabilityID": "CVE-2019-13308", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", - "https://github.com/ImageMagick/ImageMagick/issues/1595", - "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" - ] - }, - { - "VulnerabilityID": "CVE-2019-13309", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13309.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13310", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13310.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13311", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13311.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", - "https://github.com/ImageMagick/ImageMagick/issues/1623", - "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" - ] - }, - { - "VulnerabilityID": "CVE-2019-13391", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", - "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", - "https://github.com/ImageMagick/ImageMagick/issues/1588", - "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" - ] - }, - { - "VulnerabilityID": "CVE-2019-13454", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", - "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13454.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "http://www.securityfocus.com/bid/109099", - "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", - "https://github.com/ImageMagick/ImageMagick/issues/1629", - "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" - ] - }, - { - "VulnerabilityID": "CVE-2019-14981", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", - "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-14981.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", - "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", - "https://github.com/ImageMagick/ImageMagick/issues/1552", - "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15139", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", - "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15139.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", - "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", - "https://github.com/ImageMagick/ImageMagick/issues/1553", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15140", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", - "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15140.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", - "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", - "https://github.com/ImageMagick/ImageMagick/issues/1554", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16708", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in magick/xwindow.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16708.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16709", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dps.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16709.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531" - ] - }, - { - "VulnerabilityID": "CVE-2019-16710", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16710.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1528", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16711", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", - "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16711.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1542", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16712", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16712.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1557" - ] - }, - { - "VulnerabilityID": "CVE-2019-16713", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16713.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1558", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19949", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19949.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", - "https://github.com/ImageMagick/ImageMagick/issues/1561", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-7175", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", - "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7175.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "https://github.com/ImageMagick/ImageMagick/issues/1450" - ] - }, - { - "VulnerabilityID": "CVE-2019-7395", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106850", - "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", - "https://github.com/ImageMagick/ImageMagick/issues/1451" - ] - }, - { - "VulnerabilityID": "CVE-2019-7396", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://www.securityfocus.com/bid/106849", - "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", - "https://github.com/ImageMagick/ImageMagick/issues/1452", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-7397", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", - "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", - "Severity": "MEDIUM", - "References": [ - "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", - "http://linux.oracle.com/cve/CVE-2019-7397.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106847", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", - "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", - "https://github.com/ImageMagick/ImageMagick/issues/1454" - ] - }, - { - "VulnerabilityID": "CVE-2019-7398", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7398.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106848", - "https://github.com/ImageMagick/ImageMagick/issues/1453" - ] - }, - { - "VulnerabilityID": "CVE-2020-10251", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", - "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/1859" - ] - }, - { - "VulnerabilityID": "CVE-2005-0406", - "PkgName": "libmagickcore-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", - "Severity": "LOW", - "References": [ - "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", - "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" - ] - }, - { - "VulnerabilityID": "CVE-2018-15607", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: CPU Exhaustion via crafted input file", - "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-15607.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/105137", - "https://github.com/ImageMagick/ImageMagick/issues/1255", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11470", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in cineon parsing component", - "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11470.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", - "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", - "https://github.com/ImageMagick/ImageMagick/issues/1472", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19948", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19948.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", - "https://github.com/ImageMagick/ImageMagick/issues/1562", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2008-3134", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", - "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", - "http://secunia.com/advisories/30879", - "http://secunia.com/advisories/32151", - "http://sourceforge.net/forum/forum.php?forum_id=841176", - "http://sourceforge.net/project/shownotes.php?release_id=610253", - "http://www.securityfocus.com/bid/30055", - "http://www.securitytracker.com/id?1020413", - "http://www.vupen.com/english/advisories/2008/1984/references", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" - ] - }, - { - "VulnerabilityID": "CVE-2016-8678", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", - "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/16/2", - "http://www.openwall.com/lists/oss-security/2016/12/08/18", - "http://www.securityfocus.com/bid/93599", - "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", - "https://github.com/ImageMagick/ImageMagick/issues/272" - ] - }, - { - "VulnerabilityID": "CVE-2017-11754", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/633" - ] - }, - { - "VulnerabilityID": "CVE-2017-11755", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", - "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/634" - ] - }, - { - "VulnerabilityID": "CVE-2017-7275", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", - "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97166", - "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", - "https://github.com/ImageMagick/ImageMagick/issues/271" - ] - }, - { - "VulnerabilityID": "CVE-2019-10649", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", - "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/107645", - "https://github.com/ImageMagick/ImageMagick/issues/1533", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11472", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", - "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11472.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", - "https://github.com/ImageMagick/ImageMagick/issues/1546", - "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11597", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11597.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", - "https://github.com/ImageMagick/ImageMagick/issues/1555", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-11598", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", - "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-11598.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108102", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", - "https://github.com/ImageMagick/ImageMagick/issues/1540", - "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-12974", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", - "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12974.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", - "https://github.com/ImageMagick/ImageMagick/issues/1515" - ] - }, - { - "VulnerabilityID": "CVE-2019-12975", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12975.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1517" - ] - }, - { - "VulnerabilityID": "CVE-2019-12976", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", - "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12976.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1520" - ] - }, - { - "VulnerabilityID": "CVE-2019-12977", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1518" - ] - }, - { - "VulnerabilityID": "CVE-2019-12978", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12978.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1519" - ] - }, - { - "VulnerabilityID": "CVE-2019-12979", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", - "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12979.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://www.securityfocus.com/bid/108913", - "https://github.com/ImageMagick/ImageMagick/issues/1522" - ] - }, - { - "VulnerabilityID": "CVE-2019-13135", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", - "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13135.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", - "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", - "https://github.com/ImageMagick/ImageMagick/issues/1599", - "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13137", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", - "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", - "https://github.com/ImageMagick/ImageMagick/issues/1601", - "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-13295", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13295.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", - "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", - "https://github.com/ImageMagick/ImageMagick/issues/1608", - "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13297", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13297.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", - "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", - "https://github.com/ImageMagick/ImageMagick/issues/1609", - "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13300", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13300.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", - "https://github.com/ImageMagick/ImageMagick/issues/1586", - "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" - ] - }, - { - "VulnerabilityID": "CVE-2019-13301", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks in AcquireMagickMemory", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13301.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", - "https://github.com/ImageMagick/ImageMagick/issues/1585", - "https://github.com/ImageMagick/ImageMagick/issues/1589" - ] - }, - { - "VulnerabilityID": "CVE-2019-13304", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13304.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", - "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", - "https://github.com/ImageMagick/ImageMagick/issues/1614", - "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13305", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13305.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", - "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", - "https://github.com/ImageMagick/ImageMagick/issues/1613", - "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13306", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", - "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13306.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", - "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", - "https://github.com/ImageMagick/ImageMagick/issues/1612", - "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", - "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-13307", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13307.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", - "https://github.com/ImageMagick/ImageMagick/issues/1615", - "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" - ] - }, - { - "VulnerabilityID": "CVE-2019-13308", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", - "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", - "https://github.com/ImageMagick/ImageMagick/issues/1595", - "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" - ] - }, - { - "VulnerabilityID": "CVE-2019-13309", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13309.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13310", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13310.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", - "https://github.com/ImageMagick/ImageMagick/issues/1616", - "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" - ] - }, - { - "VulnerabilityID": "CVE-2019-13311", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", - "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13311.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", - "https://github.com/ImageMagick/ImageMagick/issues/1623", - "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" - ] - }, - { - "VulnerabilityID": "CVE-2019-13391", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", - "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", - "https://github.com/ImageMagick/ImageMagick/issues/1588", - "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" - ] - }, - { - "VulnerabilityID": "CVE-2019-13454", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", - "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-13454.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", - "http://www.securityfocus.com/bid/109099", - "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", - "https://github.com/ImageMagick/ImageMagick/issues/1629", - "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" - ] - }, - { - "VulnerabilityID": "CVE-2019-14981", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", - "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-14981.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", - "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", - "https://github.com/ImageMagick/ImageMagick/issues/1552", - "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15139", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", - "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15139.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", - "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", - "https://github.com/ImageMagick/ImageMagick/issues/1553", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15140", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", - "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15140.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", - "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", - "https://github.com/ImageMagick/ImageMagick/issues/1554", - "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16708", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in magick/xwindow.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16708.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16709", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dps.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16709.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", - "https://github.com/ImageMagick/ImageMagick/issues/1531" - ] - }, - { - "VulnerabilityID": "CVE-2019-16710", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16710.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1528", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16711", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", - "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16711.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1542", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16712", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16712.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1557" - ] - }, - { - "VulnerabilityID": "CVE-2019-16713", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: memory leak in coders/dot.c", - "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16713.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", - "https://github.com/ImageMagick/ImageMagick/issues/1558", - "https://usn.ubuntu.com/4192-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19949", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", - "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19949.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", - "https://github.com/ImageMagick/ImageMagick/issues/1561", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-7175", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", - "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7175.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "https://github.com/ImageMagick/ImageMagick/issues/1450" - ] - }, - { - "VulnerabilityID": "CVE-2019-7395", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106850", - "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", - "https://github.com/ImageMagick/ImageMagick/issues/1451" - ] - }, - { - "VulnerabilityID": "CVE-2019-7396", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://www.securityfocus.com/bid/106849", - "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", - "https://github.com/ImageMagick/ImageMagick/issues/1452", - "https://usn.ubuntu.com/4034-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-7397", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", - "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", - "Severity": "MEDIUM", - "References": [ - "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", - "http://linux.oracle.com/cve/CVE-2019-7397.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106847", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", - "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", - "https://github.com/ImageMagick/ImageMagick/issues/1454" - ] - }, - { - "VulnerabilityID": "CVE-2019-7398", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", - "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-7398.html", - "http://linux.oracle.com/errata/ELSA-2020-1180.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", - "http://www.securityfocus.com/bid/106848", - "https://github.com/ImageMagick/ImageMagick/issues/1453" - ] - }, - { - "VulnerabilityID": "CVE-2020-10251", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", - "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/ImageMagick/ImageMagick/issues/1859" - ] - }, - { - "VulnerabilityID": "CVE-2005-0406", - "PkgName": "libmagickwand-6.q16-6", - "InstalledVersion": "8:6.9.10.23+dfsg-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", - "Severity": "LOW", - "References": [ - "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", - "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libmpx2", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libmpx2", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "TEMP-0000000-A4EF31", - "PkgName": "libnghttp2-14", - "InstalledVersion": "1.36.0-2+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2017-17479", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: Stack-buffer overflow in the pgxtoimage function", - "Description": "In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.", - "Severity": "HIGH", - "References": [ - "https://github.com/uclouvain/openjpeg/issues/1044" - ] - }, - { - "VulnerabilityID": "CVE-2018-7648", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Description": "An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.", - "Severity": "HIGH", - "References": [ - "https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5", - "https://github.com/uclouvain/openjpeg/issues/1088" - ] - }, - { - "VulnerabilityID": "CVE-2016-10505", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: NULL pointer dereference in imagetopnm function in convert.c", - "Description": "NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/uclouvain/openjpeg/issues/776", - "https://github.com/uclouvain/openjpeg/issues/784", - "https://github.com/uclouvain/openjpeg/issues/785", - "https://github.com/uclouvain/openjpeg/issues/792", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-10506", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c", - "Description": "Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/100573", - "https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b", - "https://github.com/uclouvain/openjpeg/issues/731", - "https://github.com/uclouvain/openjpeg/issues/732", - "https://github.com/uclouvain/openjpeg/issues/777", - "https://github.com/uclouvain/openjpeg/issues/778", - "https://github.com/uclouvain/openjpeg/issues/779", - "https://github.com/uclouvain/openjpeg/issues/780", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9113", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", - "Description": "There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-\u003ecomps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/93980", - "https://github.com/uclouvain/openjpeg/issues/856", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9114", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", - "Description": "There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image-\u003ecomps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/93979", - "https://github.com/uclouvain/openjpeg/issues/857", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9115", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", - "Description": "Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/93977", - "https://github.com/uclouvain/openjpeg/issues/858", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9116", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", - "Description": "NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/93975", - "https://github.com/uclouvain/openjpeg/issues/859", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9117", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", - "Description": "NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/93783", - "https://github.com/uclouvain/openjpeg/issues/860", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9580", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow", - "Description": "An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/94822", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9580", - "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", - "https://github.com/uclouvain/openjpeg/issues/871", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2016-9581", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1", - "Description": "An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/94822", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581", - "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", - "https://github.com/uclouvain/openjpeg/issues/872", - "https://security.gentoo.org/glsa/201710-26" - ] - }, - { - "VulnerabilityID": "CVE-2018-16375", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c", - "Description": "An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/105266", - "https://github.com/uclouvain/openjpeg/issues/1126" - ] - }, - { - "VulnerabilityID": "CVE-2018-16376", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c", - "Description": "An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/105262", - "https://github.com/uclouvain/openjpeg/issues/1127" - ] - }, - { - "VulnerabilityID": "CVE-2018-20845", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: division-by-zero in function pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c", - "Description": "Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108921", - "https://github.com/uclouvain/openjpeg/pull/1168/commits/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf" - ] - }, - { - "VulnerabilityID": "CVE-2018-20846", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service", - "Description": "Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108921", - "https://github.com/uclouvain/openjpeg/pull/1168/commits/c277159986c80142180fbe5efb256bbf3bdf3edc" - ] - }, - { - "VulnerabilityID": "CVE-2018-5727", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c", - "Description": "In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/uclouvain/openjpeg/issues/1053" - ] - }, - { - "VulnerabilityID": "CVE-2019-12973", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c", - "Description": "In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html", - "http://www.securityfocus.com/bid/108900", - "https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3", - "https://github.com/uclouvain/openjpeg/pull/1185/commits/cbe7384016083eac16078b359acd7a842253d503" - ] - }, - { - "VulnerabilityID": "CVE-2019-6988", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: DoS via memory exhaustion in opj_decompress", - "Description": "An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/106785", - "https://github.com/uclouvain/openjpeg/issues/1178" - ] - }, - { - "VulnerabilityID": "CVE-2020-6851", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()", - "Description": "OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-6851.html", - "http://linux.oracle.com/errata/ELSA-2020-0274.html", - "https://access.redhat.com/errata/RHSA-2020:0262", - "https://access.redhat.com/errata/RHSA-2020:0274", - "https://access.redhat.com/errata/RHSA-2020:0296", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851", - "https://github.com/uclouvain/openjpeg/issues/1228", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/" - ] - }, - { - "VulnerabilityID": "CVE-2020-8112", - "PkgName": "libopenjp2-7", - "InstalledVersion": "2.3.0-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c", - "Description": "opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-8112.html", - "http://linux.oracle.com/errata/ELSA-2020-0570.html", - "https://access.redhat.com/errata/RHSA-2020:0550", - "https://access.redhat.com/errata/RHSA-2020:0569", - "https://access.redhat.com/errata/RHSA-2020:0570", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112", - "https://github.com/uclouvain/openjpeg/issues/1231", - "https://lists.debian.org/debian-lts-announce/2020/01/msg00035.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFEVEKETJV7GOXD5RDWL35ESEDHC663E/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3843", - "PkgName": "libpam-systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108116", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3844", - "PkgName": "libpam-systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108096", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1712", - "PkgName": "libpam-systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: use-after-free when asynchronous polkit queries are performed", - "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-1712.html", - "http://linux.oracle.com/errata/ELSA-2020-0575.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", - "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", - "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", - "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", - "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", - "https://www.openwall.com/lists/oss-security/2020/02/05/1" - ] - }, - { - "VulnerabilityID": "CVE-2013-4392", - "PkgName": "libpam-systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", - "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "Severity": "LOW", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060" - ] - }, - { - "VulnerabilityID": "CVE-2019-20386", - "PkgName": "libpam-systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", - "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://usn.ubuntu.com/4269-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-20454", - "PkgName": "libpcre2-8-0", - "InstalledVersion": "10.32-5", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "pcre: out-of-bounds read in JIT mode when \\X is used in non-UTF mode", - "Description": "An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \\X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.exim.org/show_bug.cgi?id=2421", - "https://bugs.php.net/bug.php?id=78338", - "https://bugzilla.redhat.com/show_bug.cgi?id=1735494", - "https://vcs.pcre.org/pcre2?view=revision\u0026revision=1092" - ] - }, - { - "VulnerabilityID": "CVE-2017-11164", - "PkgName": "libpcre3", - "InstalledVersion": "2:8.39-12", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", - "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", - "Severity": "HIGH", - "References": [ - "http://openwall.com/lists/oss-security/2017/07/11/3", - "http://www.securityfocus.com/bid/99575" - ] - }, - { - "VulnerabilityID": "CVE-2017-7245", - "PkgName": "libpcre3", - "InstalledVersion": "2:8.39-12", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://security.gentoo.org/glsa/201710-25" - ] - }, - { - "VulnerabilityID": "CVE-2017-7246", - "PkgName": "libpcre3", - "InstalledVersion": "2:8.39-12", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", - "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/97067", - "https://access.redhat.com/errata/RHSA-2018:2486", - "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", - "https://security.gentoo.org/glsa/201710-25" - ] - }, - { - "VulnerabilityID": "CVE-2017-16231", - "PkgName": "libpcre3", - "InstalledVersion": "2:8.39-12", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", - "Description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", - "Severity": "LOW", - "References": [ - "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", - "http://seclists.org/fulldisclosure/2018/Dec/33", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101688", - "https://bugs.exim.org/show_bug.cgi?id=2047" - ] - }, - { - "VulnerabilityID": "CVE-2011-4116", - "PkgName": "libperl5.28", - "InstalledVersion": "5.28.1-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "perl: File::Temp insecure temporary file handling", - "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238" - ] - }, - { - "VulnerabilityID": "CVE-2018-14048", - "PkgName": "libpng16-16", - "InstalledVersion": "1.6.36-6", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libpng: Segmentation fault in png.c:png_free_data function causing denial of service", - "Description": "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.", - "Severity": "MEDIUM", - "References": [ - "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", - "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "https://github.com/fouzhe/security/tree/master/libpng", - "https://github.com/glennrp/libpng/issues/238", - "https://seclists.org/bugtraq/2019/Apr/30", - "https://security.gentoo.org/glsa/201908-02" - ] - }, - { - "VulnerabilityID": "CVE-2018-14550", - "PkgName": "libpng16-16", - "InstalledVersion": "1.6.36-6", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libpng: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() potentially leading to arbitrary code execution", - "Description": "An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token", - "https://github.com/glennrp/libpng/issues/246", - "https://security.gentoo.org/glsa/201908-02" - ] - }, - { - "VulnerabilityID": "CVE-2019-6129", - "PkgName": "libpng16-16", - "InstalledVersion": "1.6.36-6", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libpng: memory leak of png_info struct in pngcp.c", - "Description": "** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated \"I don't think it is libpng's job to free this buffer.\"", - "Severity": "MEDIUM", - "References": [ - "https://github.com/glennrp/libpng/issues/269", - "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" - ] - }, - { - "VulnerabilityID": "CVE-2020-8492", - "PkgName": "libpython3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", - "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue39503", - "https://github.com/python/cpython/pull/18284", - "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", - "https://security.netapp.com/advisory/ntap-20200221-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2017-17522", - "PkgName": "libpython3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Command injection in Lib/webbrowser.py", - "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/102207", - "https://bugs.python.org/issue32367", - "https://security-tracker.debian.org/tracker/CVE-2017-17522" - ] - }, - { - "VulnerabilityID": "CVE-2019-18348", - "PkgName": "libpython3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: CRLF injection via the host part of the url passed to urlopen()", - "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", - "Severity": "MEDIUM", - "References": [ - "https://bugs.python.org/issue30458#msg347282", - "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", - "https://security.netapp.com/advisory/ntap-20191107-0004/" - ] - }, - { - "VulnerabilityID": "CVE-2019-9674", - "PkgName": "libpython3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", - "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue36260", - "https://bugs.python.org/issue36462", - "https://github.com/python/cpython/blob/master/Lib/zipfile.py", - "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", - "https://security.netapp.com/advisory/ntap-20200221-0003/", - "https://www.python.org/news/security/" - ] - }, - { - "VulnerabilityID": "CVE-2020-8492", - "PkgName": "libpython3.7-stdlib", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", - "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue39503", - "https://github.com/python/cpython/pull/18284", - "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", - "https://security.netapp.com/advisory/ntap-20200221-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2017-17522", - "PkgName": "libpython3.7-stdlib", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Command injection in Lib/webbrowser.py", - "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/102207", - "https://bugs.python.org/issue32367", - "https://security-tracker.debian.org/tracker/CVE-2017-17522" - ] - }, - { - "VulnerabilityID": "CVE-2019-18348", - "PkgName": "libpython3.7-stdlib", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: CRLF injection via the host part of the url passed to urlopen()", - "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", - "Severity": "MEDIUM", - "References": [ - "https://bugs.python.org/issue30458#msg347282", - "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", - "https://security.netapp.com/advisory/ntap-20191107-0004/" - ] - }, - { - "VulnerabilityID": "CVE-2019-9674", - "PkgName": "libpython3.7-stdlib", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", - "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue36260", - "https://bugs.python.org/issue36462", - "https://github.com/python/cpython/blob/master/Lib/zipfile.py", - "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", - "https://security.netapp.com/advisory/ntap-20200221-0003/", - "https://www.python.org/news/security/" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libquadmath0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libquadmath0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2019-20446", - "PkgName": "librsvg2-2", - "InstalledVersion": "2.44.10-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", - "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", - "https://gitlab.gnome.org/GNOME/librsvg/issues/515", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" - ] - }, - { - "VulnerabilityID": "CVE-2019-20446", - "PkgName": "librsvg2-bin", - "InstalledVersion": "2.44.10-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", - "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", - "https://gitlab.gnome.org/GNOME/librsvg/issues/515", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" - ] - }, - { - "VulnerabilityID": "CVE-2019-20446", - "PkgName": "librsvg2-common", - "InstalledVersion": "2.44.10-2.1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", - "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", - "https://gitlab.gnome.org/GNOME/librsvg/issues/515", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" - ] - }, - { - "VulnerabilityID": "CVE-2019-9893", - "PkgName": "libseccomp2", - "InstalledVersion": "2.3.3-4", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "libseccomp: incorrect generation of syscall filters in libseccomp", - "Description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-9893.html", - "http://linux.oracle.com/errata/ELSA-2019-3624.html", - "https://github.com/seccomp/libseccomp/issues/139", - "https://seclists.org/oss-sec/2019/q1/179", - "https://security.gentoo.org/glsa/201904-18", - "https://usn.ubuntu.com/4001-1/", - "https://usn.ubuntu.com/4001-2/" - ] - }, - { - "VulnerabilityID": "CVE-2020-11656", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: use-after-free in the ALTER TABLE implementation", - "Description": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", - "Severity": "HIGH", - "References": [ - "https://security.netapp.com/advisory/ntap-20200416-0001/", - "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", - "https://www3.sqlite.org/cgi/src/info/b64674919f673602" - ] - }, - { - "VulnerabilityID": "CVE-2019-16168", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: division by zero in whereLoopAddBtreeIndex in sqlite3.c", - "Description": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00033.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZARJHJJDBHI7CE5PZEBXS5HKK6HXKW2/", - "https://security.netapp.com/advisory/ntap-20190926-0003/", - "https://security.netapp.com/advisory/ntap-20200122-0003/", - "https://usn.ubuntu.com/4205-1/", - "https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html", - "https://www.oracle.com/security-alerts/cpujan2020.html", - "https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62", - "https://www.sqlite.org/src/timeline?c=98357d8c1263920b" - ] - }, - { - "VulnerabilityID": "CVE-2019-19242", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: SQL injection in sqlite3ExprCodeTarget in expr.c", - "Description": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c", - "https://usn.ubuntu.com/4205-1/", - "https://www.oracle.com/security-alerts/cpuapr2020.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-19244", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage", - "Description": "sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348", - "https://usn.ubuntu.com/4205-1/", - "https://www.oracle.com/security-alerts/cpuapr2020.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-19603", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: mishandles certain SELECT statements with a nonexistent VIEW, leading to DoS", - "Description": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13", - "https://security.netapp.com/advisory/ntap-20191223-0001/", - "https://www.oracle.com/security-alerts/cpuapr2020.html", - "https://www.sqlite.org/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19923", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference", - "Description": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).", - "Severity": "MEDIUM", - "References": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19923", - "https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35", - "https://security.netapp.com/advisory/ntap-20200114-0003/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19924", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting", - "Description": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3", - "https://security.netapp.com/advisory/ntap-20200114-0003/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19925", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive", - "Description": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.", - "Severity": "MEDIUM", - "References": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19925", - "https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618", - "https://security.netapp.com/advisory/ntap-20200114-0003/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19959", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames", - "Description": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec", - "https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1", - "https://security.netapp.com/advisory/ntap-20200204-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-20218", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error", - "Description": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387", - "https://usn.ubuntu.com/4298-1/" - ] - }, - { - "VulnerabilityID": "CVE-2020-11655", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: malformed window-function query leads to DoS", - "Description": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", - "Severity": "MEDIUM", - "References": [ - "https://security.netapp.com/advisory/ntap-20200416-0001/", - "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", - "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c" - ] - }, - { - "VulnerabilityID": "CVE-2020-9327", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations", - "Description": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.", - "Severity": "MEDIUM", - "References": [ - "https://security.gentoo.org/glsa/202003-16", - "https://security.netapp.com/advisory/ntap-20200313-0002/", - "https://usn.ubuntu.com/4298-1/", - "https://www.sqlite.org/cgi/src/info/4374860b29383380", - "https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e", - "https://www.sqlite.org/cgi/src/info/abc473fb8fb99900" - ] - }, - { - "VulnerabilityID": "CVE-2019-19645", - "PkgName": "libsqlite3-0", - "InstalledVersion": "3.27.2-3", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements", - "Description": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", - "Severity": "LOW", - "References": [ - "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", - "https://security.netapp.com/advisory/ntap-20191223-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-13115", - "PkgName": "libssh2-1", - "InstalledVersion": "1.8.0-2.1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write", - "Description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.", - "Severity": "MEDIUM", - "References": [ - "https://blog.semmle.com/libssh2-integer-overflow/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115", - "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", - "https://github.com/libssh2/libssh2/pull/350", - "https://libssh2.org/changes.html", - "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-17498", - "PkgName": "libssh2-1", - "InstalledVersion": "1.8.0-2.1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c", - "Description": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", - "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498", - "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", - "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", - "https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94", - "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/" - ] - }, - { - "VulnerabilityID": "CVE-2007-6755", - "PkgName": "libssl1.1", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Dual_EC_DRBG: weak pseudo random number generator", - "Description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain \"skeleton key\" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "Severity": "MEDIUM", - "References": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" - ] - }, - { - "VulnerabilityID": "CVE-2010-0928", - "PkgName": "libssl1.1", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openssl: RSA authentication weakness", - "Description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a \"fault-based attack.\"", - "Severity": "MEDIUM", - "References": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" - ] - }, - { - "VulnerabilityID": "CVE-2019-1551", - "PkgName": "libssl1.1", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", - "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", - "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", - "https://github.com/openssl/openssl/pull/10575", - "https://seclists.org/bugtraq/2019/Dec/39", - "https://seclists.org/bugtraq/2019/Dec/46", - "https://security.netapp.com/advisory/ntap-20191210-0001/", - "https://www.debian.org/security/2019/dsa-4594", - "https://www.openssl.org/news/secadv/20191206.txt", - "https://www.tenable.com/security/tns-2019-09" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libstdc++-8-dev", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libstdc++-8-dev", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libstdc++6", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libstdc++6", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2019-3843", - "PkgName": "libsystemd0", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108116", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3844", - "PkgName": "libsystemd0", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108096", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1712", - "PkgName": "libsystemd0", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: use-after-free when asynchronous polkit queries are performed", - "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-1712.html", - "http://linux.oracle.com/errata/ELSA-2020-0575.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", - "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", - "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", - "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", - "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", - "https://www.openwall.com/lists/oss-security/2020/02/05/1" - ] - }, - { - "VulnerabilityID": "CVE-2013-4392", - "PkgName": "libsystemd0", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", - "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "Severity": "LOW", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060" - ] - }, - { - "VulnerabilityID": "CVE-2019-20386", - "PkgName": "libsystemd0", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", - "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://usn.ubuntu.com/4269-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-1000654", - "PkgName": "libtasn1-6", - "InstalledVersion": "4.13-3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", - "Description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", - "http://www.securityfocus.com/bid/105151", - "https://gitlab.com/gnutls/libtasn1/issues/4" - ] - }, - { - "VulnerabilityID": "CVE-2017-9117", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: Heap-based buffer over-read in bmp2tiff", - "Description": "In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.", - "Severity": "HIGH", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2690", - "http://www.securityfocus.com/bid/98581", - "https://usn.ubuntu.com/3606-1/" - ] - }, - { - "VulnerabilityID": "CVE-2014-8130", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: divide by zero in the tiffdither tool", - "Description": "The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.", - "Severity": "MEDIUM", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2483", - "http://linux.oracle.com/cve/CVE-2014-8130.html", - "http://linux.oracle.com/errata/ELSA-2016-1547.html", - "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", - "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", - "http://openwall.com/lists/oss-security/2015/01/24/15", - "http://rhn.redhat.com/errata/RHSA-2016-1546.html", - "http://rhn.redhat.com/errata/RHSA-2016-1547.html", - "http://support.apple.com/kb/HT204941", - "http://support.apple.com/kb/HT204942", - "http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt", - "http://www.securityfocus.com/bid/72353", - "http://www.securitytracker.com/id/1032760", - "https://bugzilla.redhat.com/show_bug.cgi?id=1185817", - "https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543", - "https://security.gentoo.org/glsa/201701-16" - ] - }, - { - "VulnerabilityID": "CVE-2017-16232", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c", - "Description": "** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html", - "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html", - "http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html", - "http://seclists.org/fulldisclosure/2018/Dec/32", - "http://seclists.org/fulldisclosure/2018/Dec/47", - "http://www.openwall.com/lists/oss-security/2017/11/01/11", - "http://www.openwall.com/lists/oss-security/2017/11/01/3", - "http://www.openwall.com/lists/oss-security/2017/11/01/7", - "http://www.openwall.com/lists/oss-security/2017/11/01/8", - "http://www.securityfocus.com/bid/101696" - ] - }, - { - "VulnerabilityID": "CVE-2017-17973", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc", - "Description": "** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.", - "Severity": "MEDIUM", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2769", - "http://www.securityfocus.com/bid/102331", - "https://bugzilla.novell.com/show_bug.cgi?id=1074318", - "https://bugzilla.redhat.com/show_bug.cgi?id=1530912" - ] - }, - { - "VulnerabilityID": "CVE-2017-5563", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c", - "Description": "LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.", - "Severity": "MEDIUM", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2664", - "http://www.securityfocus.com/bid/95705", - "https://security.gentoo.org/glsa/201709-27", - "https://usn.ubuntu.com/3606-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-10126", - "PkgName": "libtiff5", - "InstalledVersion": "4.1.0+git191117-2~deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c", - "Description": "LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.", - "Severity": "MEDIUM", - "References": [ - "http://bugzilla.maptools.org/show_bug.cgi?id=2786" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libtsan0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libtsan0", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2018-12886", - "PkgName": "libubsan1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", - "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", - "Severity": "MEDIUM", - "References": [ - "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", - "https://www.gnu.org/software/gcc/gcc-8/changes.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15847", - "PkgName": "libubsan1", - "InstalledVersion": "8.3.0-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", - "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" - ] - }, - { - "VulnerabilityID": "CVE-2019-3843", - "PkgName": "libudev1", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108116", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3844", - "PkgName": "libudev1", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108096", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1712", - "PkgName": "libudev1", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: use-after-free when asynchronous polkit queries are performed", - "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-1712.html", - "http://linux.oracle.com/errata/ELSA-2020-0575.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", - "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", - "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", - "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", - "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", - "https://www.openwall.com/lists/oss-security/2020/02/05/1" - ] - }, - { - "VulnerabilityID": "CVE-2013-4392", - "PkgName": "libudev1", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", - "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "Severity": "LOW", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060" - ] - }, - { - "VulnerabilityID": "CVE-2019-20386", - "PkgName": "libudev1", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", - "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://usn.ubuntu.com/4269-1/" - ] - }, - { - "VulnerabilityID": "CVE-2016-9085", - "PkgName": "libwebp6", - "InstalledVersion": "0.6.1-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libwebp: Several integer overflows", - "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", - "Severity": "HIGH", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/27/3", - "http://www.securityfocus.com/bid/93928", - "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", - "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", - "https://security.gentoo.org/glsa/201701-61" - ] - }, - { - "VulnerabilityID": "CVE-2016-9085", - "PkgName": "libwebpmux3", - "InstalledVersion": "0.6.1-2", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "libwebp: Several integer overflows", - "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", - "Severity": "HIGH", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/27/3", - "http://www.securityfocus.com/bid/93928", - "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", - "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", - "https://security.gentoo.org/glsa/201701-61" - ] - }, - { - "VulnerabilityID": "CVE-2016-9318", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: XML External Entity vulnerability", - "Description": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/94347", - "https://bugzilla.gnome.org/show_bug.cgi?id=772726", - "https://github.com/lsh123/xmlsec/issues/43", - "https://security.gentoo.org/glsa/201711-01", - "https://usn.ubuntu.com/3739-1/", - "https://usn.ubuntu.com/3739-2/" - ] - }, - { - "VulnerabilityID": "CVE-2017-16932", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: Infinite recursion in parameter entities", - "Description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.", - "Severity": "MEDIUM", - "References": [ - "http://xmlsoft.org/news.html", - "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", - "https://bugzilla.gnome.org/show_bug.cgi?id=759579", - "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", - "https://github.com/sparklemotion/nokogiri/issues/1714", - "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", - "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html", - "https://usn.ubuntu.com/3739-1/", - "https://usn.ubuntu.com/usn/usn-3504-1/" - ] - }, - { - "VulnerabilityID": "CVE-2017-18258", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", - "Description": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2017-18258.html", - "http://linux.oracle.com/errata/ELSA-2020-1190.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258", - "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb", - "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284", - "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", - "https://security.netapp.com/advisory/ntap-20190719-0001/", - "https://usn.ubuntu.com/3739-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-14404", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", - "Description": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-14404.html", - "http://linux.oracle.com/errata/ELSA-2020-1190.html", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", - "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404", - "https://github.com/sparklemotion/nokogiri/issues/1785", - "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", - "https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594", - "https://gitlab.gnome.org/GNOME/libxml2/issues/10", - "https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ", - "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", - "https://usn.ubuntu.com/3739-1/", - "https://usn.ubuntu.com/3739-2/" - ] - }, - { - "VulnerabilityID": "CVE-2018-14567", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", - "Description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-14567.html", - "http://linux.oracle.com/errata/ELSA-2020-1190.html", - "http://www.securityfocus.com/bid/105198", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567", - "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", - "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", - "https://usn.ubuntu.com/3739-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19956", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash", - "Description": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.", - "Severity": "MEDIUM", - "References": [ - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956", - "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549", - "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html", - "https://security.netapp.com/advisory/ntap-20200114-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-20388", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c", - "Description": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.", - "Severity": "MEDIUM", - "References": [ - "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" - ] - }, - { - "VulnerabilityID": "CVE-2020-7595", - "PkgName": "libxml2", - "InstalledVersion": "2.9.4+dfsg1-7", - "Layer": { - "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", - "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" - }, - "Title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations", - "Description": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/sparklemotion/nokogiri/issues/1992", - "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", - "https://usn.ubuntu.com/4274-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19814", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.", - "Severity": "CRITICAL", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19816", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.", - "Severity": "CRITICAL", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19816", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2008-4609", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: TCP protocol vulnerabilities from Outpost24", - "Description": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.", - "Severity": "HIGH", - "References": [ - "http://blog.robertlee.name/2008/10/conjecture-speculation.html", - "http://insecure.org/stf/tcp-dos-attack-explained.html", - "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html", - "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2", - "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked", - "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml", - "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html", - "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf", - "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", - "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", - "http://www.outpost24.com/news/news-2008-10-02.html", - "http://www.us-cert.gov/cas/techalerts/TA09-251A.html", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340", - "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html" - ] - }, - { - "VulnerabilityID": "CVE-2013-7445", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects", - "Description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.kernel.org/show_bug.cgi?id=60533" - ] - }, - { - "VulnerabilityID": "CVE-2018-20669", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: missing access_ok() checks in i915_gem_execbuffer2_ioctl() results in priviledge escalation", - "Description": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.", - "Severity": "HIGH", - "References": [ - "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c", - "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", - "http://www.openwall.com/lists/oss-security/2019/01/23/6", - "http://www.securityfocus.com/bid/106748", - "https://access.redhat.com/security/cve/cve-2018-20669", - "https://security.netapp.com/advisory/ntap-20190404-0002/", - "https://support.f5.com/csp/article/K32059550" - ] - }, - { - "VulnerabilityID": "CVE-2019-12456", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c", - "Description": "** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=1717182", - "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue\u0026id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/", - "https://lkml.org/lkml/2019/5/29/1164" - ] - }, - { - "VulnerabilityID": "CVE-2019-12615", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in get_vdev_port_node_info in arch /sparc/kernel/mdesc.c", - "Description": "An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info-\u003evdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", - "Severity": "HIGH", - "References": [ - "http://www.securityfocus.com/bid/108549", - "https://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc.git/commit/?id=80caf43549e7e41a695c6d1e11066286538b336f", - "https://security.netapp.com/advisory/ntap-20190710-0002/", - "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2014901.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-16229", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c", - "Description": "** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3", - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16230", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c", - "Description": "** DISPUTED ** drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics card occurs during boot. It is not attacker controllable and OOM at that time is highly unlikely.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.suse.com/show_bug.cgi?id=1150468", - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16231", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c", - "Description": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16231.html", - "http://linux.oracle.com/errata/ELSA-2020-5533.html", - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16232", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c", - "Description": "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", - "Severity": "HIGH", - "References": [ - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16233", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c", - "Description": "drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", - "Severity": "HIGH", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-16233.html", - "http://linux.oracle.com/errata/ELSA-2020-5508.html", - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-16234", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c", - "Description": "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", - "Severity": "HIGH", - "References": [ - "https://lkml.org/lkml/2019/9/9/487", - "https://security.netapp.com/advisory/ntap-20191004-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-18814", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in aa_audit_rule_init() in security/apparmor/audit.c", - "Description": "An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.", - "Severity": "HIGH", - "References": [ - "https://lore.kernel.org/patchwork/patch/1142523/", - "https://support.f5.com/csp/article/K21561554?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-19054", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allows attackers to cause a DoS", - "Description": "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.", - "Severity": "HIGH", - "References": [ - "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19061", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c allows for a DoS", - "Description": "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.", - "Severity": "HIGH", - "References": [ - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9", - "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873", - "https://security.netapp.com/advisory/ntap-20191205-0001/", - "https://usn.ubuntu.com/4208-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19064", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a DoS", - "Description": "** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.suse.com/show_bug.cgi?id=1157300", - "https://github.com/torvalds/linux/commit/057b8945f78f76d0b04eeb5c27cd9225e5e7ad86", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19067", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS", - "Description": "** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.suse.com/show_bug.cgi?id=1157180", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", - "https://github.com/torvalds/linux/commit/57be09c6e8747bf48704136d9e3f92bfb93f5725" - ] - }, - { - "VulnerabilityID": "CVE-2019-19070", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS", - "Description": "** DISPUTED ** A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began.", - "Severity": "HIGH", - "References": [ - "https://bugzilla.suse.com/show_bug.cgi?id=1157294", - "https://github.com/torvalds/linux/commit/d3b0ffa1d75d5305ebe34735598993afbb8a869d", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19072", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS", - "Description": "A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.", - "Severity": "HIGH", - "References": [ - "https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19074", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: a memory leak in the ath9k management function in allows local DoS", - "Description": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.", - "Severity": "HIGH", - "References": [ - "https://github.com/torvalds/linux/commit/728c1e2a05e4b5fc52fab3421dce772a806612a2", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19813", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in __mutex_lock in kernel/locking/mutex.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.", - "Severity": "HIGH", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19815", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.", - "Severity": "HIGH", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19815", - "https://github.com/torvalds/linux/commit/4969c06a0d83c9c3dc50b8efcdc8eeedfce896f6#diff-41a7fa4590d2af87e82101f2b4dadb56", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1749", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: some ipv6 protocols not encrypted over ipsec tunnel.", - "Description": "A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.", - "Severity": "HIGH" - }, - { - "VulnerabilityID": "CVE-2004-0230", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.", - "Severity": "MEDIUM", - "References": [ - "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc", - "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt", - "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt", - "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt", - "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc", - "http://kb.juniper.net/JSA10638", - "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2", - "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2", - "http://secunia.com/advisories/11440", - "http://secunia.com/advisories/11458", - "http://secunia.com/advisories/22341", - "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml", - "http://www.kb.cert.org/vuls/id/415294", - "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "http://www.osvdb.org/4030", - "http://www.securityfocus.com/archive/1/449179/100/0/threaded", - "http://www.securityfocus.com/bid/10183", - "http://www.uniras.gov.uk/vuls/2004/236929/index.htm", - "http://www.us-cert.gov/cas/techalerts/TA04-111A.html", - "http://www.vupen.com/english/advisories/2006/3983", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019", - "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886", - "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791", - "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711" - ] - }, - { - "VulnerabilityID": "CVE-2005-3660", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.", - "Severity": "MEDIUM", - "References": [ - "http://secunia.com/advisories/18205", - "http://securityreason.com/securityalert/291", - "http://securitytracker.com/id?1015402", - "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=362", - "http://www.securityfocus.com/bid/16041", - "http://www.vupen.com/english/advisories/2005/3076", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/23835" - ] - }, - { - "VulnerabilityID": "CVE-2008-2544", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount is rw", - "Description": "No description is available for this CVE.", - "Severity": "MEDIUM" - }, - { - "VulnerabilityID": "CVE-2010-4563", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: ipv6: sniffer detection", - "Description": "The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping.", - "Severity": "MEDIUM", - "References": [ - "http://seclists.org/dailydave/2011/q2/25", - "http://seclists.org/fulldisclosure/2011/Apr/254" - ] - }, - { - "VulnerabilityID": "CVE-2010-5321", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap()", - "Description": "Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.", - "Severity": "MEDIUM", - "References": [ - "http://linuxtv.org/irc/v4l/index.php?date=2010-07-29", - "http://www.openwall.com/lists/oss-security/2015/02/08/4", - "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340", - "https://bugzilla.kernel.org/show_bug.cgi?id=120571", - "https://bugzilla.redhat.com/show_bug.cgi?id=620629" - ] - }, - { - "VulnerabilityID": "CVE-2012-4542", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: block: default SCSI command filter does not accomodate commands overlap across device classes", - "Description": "block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2012-4542.html", - "http://linux.oracle.com/errata/ELSA-2013-2534.html", - "http://marc.info/?l=linux-kernel\u0026m=135903967015813\u0026w=2", - "http://marc.info/?l=linux-kernel\u0026m=135904012416042\u0026w=2", - "http://rhn.redhat.com/errata/RHSA-2013-0496.html", - "http://rhn.redhat.com/errata/RHSA-2013-0579.html", - "http://rhn.redhat.com/errata/RHSA-2013-0882.html", - "http://rhn.redhat.com/errata/RHSA-2013-0928.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=875360", - "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=76a274e17114abf1a77de6b651424648ce9e10c8" - ] - }, - { - "VulnerabilityID": "CVE-2014-9892", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.", - "Severity": "MEDIUM", - "References": [ - "http://source.android.com/security/bulletin/2016-08-01.html", - "http://www.securityfocus.com/bid/92222", - "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e" - ] - }, - { - "VulnerabilityID": "CVE-2014-9900", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol()", - "Description": "The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754.", - "Severity": "MEDIUM", - "References": [ - "http://source.android.com/security/bulletin/2016-08-01.html", - "http://www.securityfocus.com/bid/92222", - "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=63c317dbee97983004dffdd9f742a20d17150071" - ] - }, - { - "VulnerabilityID": "CVE-2016-10723", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that \"the underlying problem is non-trivial to handle.\"", - "Severity": "MEDIUM", - "References": [ - "https://patchwork.kernel.org/patch/10395909/", - "https://patchwork.kernel.org/patch/9842889/", - "https://www.spinics.net/lists/linux-mm/msg117896.html" - ] - }, - { - "VulnerabilityID": "CVE-2016-8660", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation", - "Description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a \"page lock order bug in the XFS seek hole/data implementation.\"", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2016/10/13/8", - "http://www.securityfocus.com/bid/93558", - "https://bugzilla.redhat.com/show_bug.cgi?id=1384851" - ] - }, - { - "VulnerabilityID": "CVE-2017-13693", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: ACPI operand cache leak in dsutils.c", - "Description": "The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/100502", - "https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732", - "https://patchwork.kernel.org/patch/9919053/" - ] - }, - { - "VulnerabilityID": "CVE-2018-1121", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "procps-ng, procps: process hiding through race condition enumerating /proc", - "Description": "procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.", - "Severity": "MEDIUM", - "References": [ - "http://seclists.org/oss-sec/2018/q2/122", - "http://www.securityfocus.com/bid/104214", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121", - "https://security.gentoo.org/glsa/201805-14", - "https://www.exploit-db.com/exploits/44806/", - "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt" - ] - }, - { - "VulnerabilityID": "CVE-2018-12928", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko", - "Description": "In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/104593", - "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384", - "https://marc.info/?l=linux-fsdevel\u0026m=152407263325766\u0026w=2" - ] - }, - { - "VulnerabilityID": "CVE-2018-17977", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets resulting in a denial of service", - "Description": "The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/105539", - "https://www.openwall.com/lists/oss-security/2018/10/05/5" - ] - }, - { - "VulnerabilityID": "CVE-2018-3693", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Kernel: speculative bounds check bypass store", - "Description": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-3693.html", - "http://linux.oracle.com/errata/ELSA-2018-2390.html", - "https://01.org/security/advisories/intel-oss-10002", - "https://access.redhat.com/errata/RHSA-2018:2384", - "https://access.redhat.com/errata/RHSA-2018:2390", - "https://access.redhat.com/errata/RHSA-2018:2395", - "https://access.redhat.com/errata/RHSA-2019:1946", - "https://access.redhat.com/solutions/3523601", - "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "https://people.csail.mit.edu/vlk/spectre11.pdf", - "https://security.netapp.com/advisory/ntap-20180823-0001/", - "https://software.intel.com/sites/default/files/managed/4e/a1/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf", - "https://thehackernews.com/2018/07/intel-spectre-vulnerability.html", - "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "https://www.suse.com/support/kb/doc/?id=7023075" - ] - }, - { - "VulnerabilityID": "CVE-2019-12378", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service", - "Description": "** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12378.html", - "http://linux.oracle.com/errata/ELSA-2019-4746.html", - "http://www.securityfocus.com/bid/108475", - "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", - "https://lkml.org/lkml/2019/5/25/229" - ] - }, - { - "VulnerabilityID": "CVE-2019-12379", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c", - "Description": "** DISPUTED ** An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108478", - "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next\u0026id=84ecc2f6eb1cb12e6d44818f94fa49b50f06e6ac", - "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing\u0026id=15b3cd8ef46ad1b100e0d3c7e38774f330726820", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", - "https://security.netapp.com/advisory/ntap-20190710-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-12381", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service", - "Description": "An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12381.html", - "http://linux.oracle.com/errata/ELSA-2019-4746.html", - "http://www.securityfocus.com/bid/108473", - "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", - "https://lkml.org/lkml/2019/5/25/230" - ] - }, - { - "VulnerabilityID": "CVE-2019-12382", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service", - "Description": "An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-12382.html", - "http://linux.oracle.com/errata/ELSA-2020-1016.html", - "http://www.securityfocus.com/bid/108474", - "https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", - "https://lkml.org/lkml/2019/5/24/843" - ] - }, - { - "VulnerabilityID": "CVE-2019-12455", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing denial of service", - "Description": "** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because β€œThe memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.”.", - "Severity": "MEDIUM", - "References": [ - "https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3\u0026id=fcdf445ff42f036d22178b49cf64e92d527c1330", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://security.netapp.com/advisory/ntap-20190710-0002/", - "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2010240.html" - ] - }, - { - "VulnerabilityID": "CVE-2019-15213", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c", - "Description": "An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-15213.html", - "http://linux.oracle.com/errata/ELSA-2019-4872.html", - "http://www.openwall.com/lists/oss-security/2019/08/20/2", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3", - "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7", - "https://security.netapp.com/advisory/ntap-20190905-0002/", - "https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced" - ] - }, - { - "VulnerabilityID": "CVE-2019-16089", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c", - "Description": "An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.", - "Severity": "MEDIUM", - "References": [ - "https://lore.kernel.org/patchwork/patch/1106884/", - "https://lore.kernel.org/patchwork/patch/1126650/", - "https://security.netapp.com/advisory/ntap-20191004-0001/", - "https://support.f5.com/csp/article/K03814795?utm_source=f5support\u0026amp;utm_medium=RSS" - ] - }, - { - "VulnerabilityID": "CVE-2019-19036", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: null-pointer dereference in btrfs_root_node in fs/btrfs/ctree.c", - "Description": "btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-\u003enode) can be zero.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19036", - "https://security.netapp.com/advisory/ntap-20191205-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19046", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c", - "Description": "** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", - "https://bugzilla.suse.com/show_bug.cgi?id=1157304", - "https://github.com/torvalds/linux/commit/4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", - "https://usn.ubuntu.com/4302-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19082", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc leads to DoS", - "Description": "Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", - "https://github.com/torvalds/linux/commit/104c307147ad379617472dd91a5bcb368d72bd6d", - "https://security.netapp.com/advisory/ntap-20191205-0001/", - "https://usn.ubuntu.com/4258-1/", - "https://usn.ubuntu.com/4284-1/", - "https://usn.ubuntu.com/4287-1/", - "https://usn.ubuntu.com/4287-2/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19083", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc leads to DoS", - "Description": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", - "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12", - "https://security.netapp.com/advisory/ntap-20191205-0001/", - "https://usn.ubuntu.com/4208-1/", - "https://usn.ubuntu.com/4226-1/", - "https://usn.ubuntu.com/4227-1/", - "https://usn.ubuntu.com/4227-2/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19318", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c", - "Description": "In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19318", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19377", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19378", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19448", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c", - "Description": "In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19449", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c", - "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).", - "Severity": "MEDIUM", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19462", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: NULL pointer dereference in relay_open in kernel/relay.c", - "Description": "relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.", - "Severity": "MEDIUM", - "References": [ - "https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/", - "https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8", - "https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531", - "https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046", - "https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b" - ] - }, - { - "VulnerabilityID": "CVE-2019-19768", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c", - "Description": "In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-19768.html", - "http://linux.oracle.com/errata/ELSA-2020-5663.html", - "https://bugzilla.kernel.org/show_bug.cgi?id=205711", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19770", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c", - "Description": "** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.", - "Severity": "MEDIUM", - "References": [ - "https://bugzilla.kernel.org/show_bug.cgi?id=205713", - "https://lore.kernel.org/linux-block/20200402000002.7442-1-mcgrof@kernel.org/", - "https://security.netapp.com/advisory/ntap-20200103-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2020-10708", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: race condition in kernel/audit.c may allow low privilege users trigger kernel panic", - "Description": "A race condition flaw was found in the Linux kernel audit subsystem. When the system is configured to panic on events being dropped, an attacker can use this flaw to trigger an audit event that begins while the audit is in the process of starting, causing the system to panic by exploiting a race condition in the audit event handling. This attack results in a denial of service.", - "Severity": "MEDIUM", - "References": [ - "https://www.openwall.com/lists/oss-security/2020/04/17/1" - ] - }, - { - "VulnerabilityID": "CVE-2020-10942", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field", - "Description": "In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-10942.html", - "http://linux.oracle.com/errata/ELSA-2020-5663.html", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8", - "https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64", - "https://lkml.org/lkml/2020/2/15/125", - "https://security.netapp.com/advisory/ntap-20200403-0003/" - ] - }, - { - "VulnerabilityID": "CVE-2020-11565", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c", - "Description": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue β€œis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”.", - "Severity": "MEDIUM", - "References": [ - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd", - "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd" - ] - }, - { - "VulnerabilityID": "CVE-2020-11609", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.", - "Severity": "MEDIUM", - "References": [ - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=485b06aadb933190f4bc44e006076bc27a23f205", - "https://github.com/torvalds/linux/commit/485b06aadb933190f4bc44e006076bc27a23f205" - ] - }, - { - "VulnerabilityID": "CVE-2020-11668", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c", - "Description": "In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.", - "Severity": "MEDIUM", - "References": [ - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a246b4d547708f33ff4d4b9a7a5dbac741dc89d8", - "https://github.com/torvalds/linux/commit/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8" - ] - }, - { - "VulnerabilityID": "CVE-2020-11669", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: powerpc: guest can cause DoS on POWER9 KVM hosts", - "Description": "An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.", - "Severity": "MEDIUM", - "References": [ - "https://access.redhat.com/errata/RHSA-2019:3517", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0", - "https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0", - "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html", - "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html", - "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html" - ] - }, - { - "VulnerabilityID": "CVE-2020-11725", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: improper handling of private_size*count multiplication due to count=info-\u003eowner typo", - "Description": "** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-\u003eowner line, which later affects a private_size*count multiplication for unspecified \"interesting side effects.\" NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info-\u003eowner field to represent data unrelated to the \"owner\" concept. The existing callers, SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE, have been designed to misuse the info-\u003eowner field in a safe way.", - "Severity": "MEDIUM", - "References": [ - "https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474", - "https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/", - "https://twitter.com/yabbadabbadrew/status/1248632267028582400" - ] - }, - { - "VulnerabilityID": "CVE-2020-7053", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c", - "Description": "In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-7053.html", - "http://linux.oracle.com/errata/ELSA-2020-5569.html", - "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522", - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310", - "https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com", - "https://security.netapp.com/advisory/ntap-20200204-0002/", - "https://usn.ubuntu.com/4255-1/", - "https://usn.ubuntu.com/4255-2/" - ] - }, - { - "VulnerabilityID": "CVE-2020-8992", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: soft lockup via a crafted journal size in ext4_protect_reserved_inode in fs/ext4/block_validity.c", - "Description": "ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-8992.html", - "http://linux.oracle.com/errata/ELSA-2020-5663.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", - "https://patchwork.ozlabs.org/patch/1236118/", - "https://security.netapp.com/advisory/ntap-20200313-0003/" - ] - }, - { - "VulnerabilityID": "CVE-2007-3719", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: secretly Monopolizing the CPU Without Superuser Privileges", - "Description": "The process scheduler in the Linux kernel 2.6.16 gives preference to \"interactive\" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in \"Secretly Monopolizing the CPU Without Superuser Privileges.\"", - "Severity": "LOW", - "References": [ - "http://osvdb.org/37127", - "http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf" - ] - }, - { - "VulnerabilityID": "CVE-2011-4915", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.", - "Severity": "LOW", - "References": [ - "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201", - "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2ef990ab5a6705a356d146dd773a3b359787497", - "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4915.html", - "http://www.openwall.com/lists/oss-security/2011/11/07/9", - "https://lkml.org/lkml/2011/11/7/340", - "https://seclists.org/oss-sec/2011/q4/571", - "https://security-tracker.debian.org/tracker/CVE-2011-4915", - "https://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-about-keyboard-11131" - ] - }, - { - "VulnerabilityID": "CVE-2011-4917", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2015-2877", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Kernel: Cross-VM ASL INtrospection (CAIN)", - "Description": "** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states \"Basically if you care about this attack vector, disable deduplication.\" Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities.", - "Severity": "LOW", - "References": [ - "http://www.antoniobarresi.com/files/cain_advisory.txt", - "http://www.kb.cert.org/vuls/id/935424", - "http://www.securityfocus.com/bid/76256", - "https://bugzilla.redhat.com/show_bug.cgi?id=1252096", - "https://www.kb.cert.org/vuls/id/BGAR-A2CNKG", - "https://www.kb.cert.org/vuls/id/BLUU-9ZAHZH", - "https://www.usenix.org/system/files/conference/woot15/woot15-paper-barresi.pdf" - ] - }, - { - "VulnerabilityID": "CVE-2017-0630", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Information disclosure vulnerability in kernel trace subsystem", - "Description": "An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34277115.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/bid/98213", - "https://source.android.com/security/bulletin/2017-05-01", - "https://source.android.com/security/bulletin/2017-05-01#id-in-kernel-trace-subsystem" - ] - }, - { - "VulnerabilityID": "CVE-2017-13694", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: ACPI node and node_ext cache leak", - "Description": "The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", - "Severity": "LOW", - "References": [ - "http://www.securityfocus.com/bid/100500", - "https://github.com/acpica/acpica/pull/278/commits/4a0243ecb4c94e2d73510d096c5ea4d0711fc6c0", - "https://patchwork.kernel.org/patch/9806085/" - ] - }, - { - "VulnerabilityID": "CVE-2018-8043", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: NULL pointer dereference in drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() can lead to denial of service", - "Description": "The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).", - "Severity": "LOW", - "References": [ - "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", - "http://linux.oracle.com/cve/CVE-2018-8043.html", - "http://linux.oracle.com/errata/ELSA-2019-4509.html", - "http://www.securitytracker.com/id/1040749", - "https://github.com/torvalds/linux/commit/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", - "https://usn.ubuntu.com/3619-1/", - "https://usn.ubuntu.com/3619-2/", - "https://usn.ubuntu.com/3630-1/", - "https://usn.ubuntu.com/3630-2/", - "https://usn.ubuntu.com/3632-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-11191", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out programs", - "Description": "The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", - "Severity": "LOW", - "References": [ - "http://www.openwall.com/lists/oss-security/2019/04/18/5", - "http://www.openwall.com/lists/oss-security/2019/05/22/7", - "http://www.securityfocus.com/bid/107887", - "https://usn.ubuntu.com/4006-1/", - "https://usn.ubuntu.com/4006-2/", - "https://usn.ubuntu.com/4007-1/", - "https://usn.ubuntu.com/4007-2/", - "https://usn.ubuntu.com/4008-1/", - "https://usn.ubuntu.com/4008-3/", - "https://www.openwall.com/lists/oss-security/2019/04/03/4", - "https://www.openwall.com/lists/oss-security/2019/04/03/4/1" - ] - }, - { - "VulnerabilityID": "CVE-2019-12380", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory allocation failure in the efi subsystem leads to denial of service", - "Description": "**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because β€œAll the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", - "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", - "http://www.securityfocus.com/bid/108477", - "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", - "https://security.netapp.com/advisory/ntap-20190710-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-18808", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c", - "Description": "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", - "https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/", - "https://security.netapp.com/advisory/ntap-20191205-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-18885", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: fs/btrfs/volumes.c allows a btrfs_verify_dev_extents NULL pointer dereference", - "Description": "fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices-\u003edevices is mishandled within find_device, aka CID-09ba3bc9dd15.", - "Severity": "LOW", - "References": [ - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ba3bc9dd150457c506e4661380a6183af651c1", - "https://github.com/bobfuzzer/CVE-2019-18885", - "https://github.com/torvalds/linux/commit/09ba3bc9dd150457c506e4661380a6183af651c1", - "https://security.netapp.com/advisory/ntap-20191205-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-19039", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: information disclosure in __btrfs_free_extent in fs/btrfs/extent-tree.c", - "Description": "** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because β€œ1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”", - "Severity": "LOW", - "References": [ - "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19039" - ] - }, - { - "VulnerabilityID": "CVE-2019-19073", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)", - "Description": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", - "https://github.com/torvalds/linux/commit/853acf7caf10b828102d92d05b5c101666a6142b", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", - "https://security.netapp.com/advisory/ntap-20191205-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3016", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: kvm: Information leak within a KVM guest", - "Description": "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-3016.html", - "http://linux.oracle.com/errata/ELSA-2020-5533.html", - "http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html", - "http://www.openwall.com/lists/oss-security/2020/01/30/4", - "https://bugzilla.redhat.com/show_bug.cgi?id=1792167", - "https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7", - "https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e", - "https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589", - "https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e", - "https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796", - "https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini@redhat.com/", - "https://security.netapp.com/advisory/ntap-20200313-0003/", - "https://usn.ubuntu.com/4300-1/", - "https://usn.ubuntu.com/4301-1/", - "https://www.openwall.com/lists/oss-security/2020/01/30/4" - ] - }, - { - "VulnerabilityID": "CVE-2019-3874", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: SCTP socket buffer memory leak leading to denial of service", - "Description": "The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2019-3874.html", - "http://linux.oracle.com/errata/ELSA-2019-3517.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874", - "https://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594", - "https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u", - "https://security.netapp.com/advisory/ntap-20190411-0003/", - "https://usn.ubuntu.com/3979-1/", - "https://usn.ubuntu.com/3980-1/", - "https://usn.ubuntu.com/3980-2/", - "https://usn.ubuntu.com/3981-1/", - "https://usn.ubuntu.com/3981-2/", - "https://usn.ubuntu.com/3982-1/", - "https://usn.ubuntu.com/3982-2/" - ] - }, - { - "VulnerabilityID": "CVE-2020-0009", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932", - "Severity": "LOW", - "References": [ - "http://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html", - "https://source.android.com/security/bulletin/2020-01-01" - ] - }, - { - "VulnerabilityID": "CVE-2020-0067", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.", - "Severity": "LOW", - "References": [ - "http://android.googlesource.com/kernel/common/+/688078e7", - "https://source.android.com/security/bulletin/pixel/2020-04-01" - ] - }, - { - "VulnerabilityID": "CVE-2020-11494", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: transmission of uninitialized data allows attackers to read sensitive information", - "Description": "An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-11494.html", - "http://linux.oracle.com/errata/ELSA-2020-5663.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html", - "https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264" - ] - }, - { - "VulnerabilityID": "CVE-2020-11608", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.", - "Severity": "LOW", - "References": [ - "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=998912346c0da53a6dbb71fab3a138586b596b30", - "https://github.com/torvalds/linux/commit/998912346c0da53a6dbb71fab3a138586b596b30" - ] - }, - { - "VulnerabilityID": "CVE-2020-2732", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources", - "Description": "A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-2732.html", - "http://linux.oracle.com/errata/ELSA-2020-5543.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=1805135", - "https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec", - "https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c", - "https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d", - "https://linux.oracle.com/errata/ELSA-2020-5540.html", - "https://linux.oracle.com/errata/ELSA-2020-5542.html", - "https://linux.oracle.com/errata/ELSA-2020-5543.html", - "https://www.openwall.com/lists/oss-security/2020/02/25/3", - "https://www.spinics.net/lists/kvm/msg208259.html" - ] - }, - { - "VulnerabilityID": "CVE-2020-8428", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in fs/namei.c", - "Description": "fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.", - "Severity": "LOW", - "References": [ - "http://www.openwall.com/lists/oss-security/2020/01/28/4", - "http://www.openwall.com/lists/oss-security/2020/02/02/1", - "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d0cb50185ae942b03c4327be322055d622dc79f6", - "https://github.com/torvalds/linux/commit/d0cb50185ae942b03c4327be322055d622dc79f6", - "https://www.openwall.com/lists/oss-security/2020/01/28/2" - ] - }, - { - "VulnerabilityID": "CVE-2020-8647", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c", - "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", - "https://bugzilla.kernel.org/show_bug.cgi?id=206359" - ] - }, - { - "VulnerabilityID": "CVE-2020-8648", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c", - "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", - "https://bugzilla.kernel.org/show_bug.cgi?id=206361" - ] - }, - { - "VulnerabilityID": "CVE-2020-8649", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c", - "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", - "https://bugzilla.kernel.org/show_bug.cgi?id=206357" - ] - }, - { - "VulnerabilityID": "CVE-2020-9383", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c", - "Description": "An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.", - "Severity": "LOW", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-9383.html", - "http://linux.oracle.com/errata/ELSA-2020-5663.html", - "https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3", - "https://security.netapp.com/advisory/ntap-20200313-0003/" - ] - }, - { - "VulnerabilityID": "TEMP-0000000-F7A20F", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2019-15794", - "PkgName": "linux-libc-dev", - "InstalledVersion": "4.19.98-1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Description": "Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-\u003evm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.", - "Severity": "UNKNOWN", - "References": [ - "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=270d16ae48a4dbf1c7e25e94cc3e38b4bea37635", - "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=ef81780548d20a786cc77ed4203fca146fd81ce3", - "https://usn.ubuntu.com/usn/usn-4208-1", - "https://usn.ubuntu.com/usn/usn-4209-1" - ] - }, - { - "VulnerabilityID": "CVE-2007-5686", - "PkgName": "login", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "Severity": "MEDIUM", - "References": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825" - ] - }, - { - "VulnerabilityID": "CVE-2018-7169", - "PkgName": "login", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", - "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://security.gentoo.org/glsa/201805-09" - ] - }, - { - "VulnerabilityID": "CVE-2019-19882", - "PkgName": "login", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "Severity": "MEDIUM", - "References": [ - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580" - ] - }, - { - "VulnerabilityID": "CVE-2013-4235", - "PkgName": "login", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "Severity": "LOW", - "References": [ - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235" - ] - }, - { - "VulnerabilityID": "TEMP-0628843-DBAD28", - "PkgName": "login", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2008-1687", - "PkgName": "m4", - "InstalledVersion": "1.4.18-2", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "m4: unquoted output of maketemp and mkstemp", - "Description": "The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.", - "Severity": "HIGH", - "References": [ - "http://secunia.com/advisories/29671", - "http://secunia.com/advisories/29729", - "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", - "http://www.openwall.com/lists/oss-security/2008/04/07/1", - "http://www.openwall.com/lists/oss-security/2008/04/07/12", - "http://www.openwall.com/lists/oss-security/2008/04/07/3", - "http://www.openwall.com/lists/oss-security/2008/04/07/4", - "http://www.securityfocus.com/bid/28688", - "http://www.vupen.com/english/advisories/2008/1151/references", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/41706" - ] - }, - { - "VulnerabilityID": "CVE-2008-1688", - "PkgName": "m4", - "InstalledVersion": "1.4.18-2", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "m4: code execution via -F argument", - "Description": "Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.", - "Severity": "HIGH", - "References": [ - "http://osvdb.org/44272", - "http://secunia.com/advisories/29671", - "http://secunia.com/advisories/29729", - "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", - "http://www.openwall.com/lists/oss-security/2008/04/07/1", - "http://www.openwall.com/lists/oss-security/2008/04/07/3", - "http://www.securityfocus.com/bid/28688", - "http://www.vupen.com/english/advisories/2008/1151/references", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/41704" - ] - }, - { - "VulnerabilityID": "CVE-2007-6755", - "PkgName": "openssl", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "Dual_EC_DRBG: weak pseudo random number generator", - "Description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain \"skeleton key\" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", - "Severity": "MEDIUM", - "References": [ - "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", - "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", - "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", - "http://rump2007.cr.yp.to/15-shumow.pdf", - "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", - "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", - "http://www.securityfocus.com/bid/63657", - "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" - ] - }, - { - "VulnerabilityID": "CVE-2010-0928", - "PkgName": "openssl", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openssl: RSA authentication weakness", - "Description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a \"fault-based attack.\"", - "Severity": "MEDIUM", - "References": [ - "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", - "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", - "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", - "http://www.osvdb.org/62808", - "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", - "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" - ] - }, - { - "VulnerabilityID": "CVE-2019-1551", - "PkgName": "openssl", - "InstalledVersion": "1.1.1d-0+deb10u3", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", - "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", - "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", - "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", - "https://github.com/openssl/openssl/pull/10575", - "https://seclists.org/bugtraq/2019/Dec/39", - "https://seclists.org/bugtraq/2019/Dec/46", - "https://security.netapp.com/advisory/ntap-20191210-0001/", - "https://www.debian.org/security/2019/dsa-4594", - "https://www.openssl.org/news/secadv/20191206.txt", - "https://www.tenable.com/security/tns-2019-09" - ] - }, - { - "VulnerabilityID": "CVE-2007-5686", - "PkgName": "passwd", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", - "Severity": "MEDIUM", - "References": [ - "http://secunia.com/advisories/27215", - "http://www.securityfocus.com/archive/1/482129/100/100/threaded", - "http://www.securityfocus.com/archive/1/482857/100/0/threaded", - "http://www.securityfocus.com/bid/26048", - "http://www.vupen.com/english/advisories/2007/3474", - "https://issues.rpath.com/browse/RPL-1825" - ] - }, - { - "VulnerabilityID": "CVE-2018-7169", - "PkgName": "passwd", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", - "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", - "Severity": "MEDIUM", - "References": [ - "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", - "https://security.gentoo.org/glsa/201805-09" - ] - }, - { - "VulnerabilityID": "CVE-2019-19882", - "PkgName": "passwd", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", - "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", - "Severity": "MEDIUM", - "References": [ - "https://bugs.archlinux.org/task/64836", - "https://bugs.gentoo.org/702252", - "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", - "https://github.com/shadow-maint/shadow/pull/199", - "https://github.com/void-linux/void-packages/pull/17580" - ] - }, - { - "VulnerabilityID": "CVE-2013-4235", - "PkgName": "passwd", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", - "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", - "Severity": "LOW", - "References": [ - "https://access.redhat.com/security/cve/cve-2013-4235", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", - "https://security-tracker.debian.org/tracker/CVE-2013-4235" - ] - }, - { - "VulnerabilityID": "TEMP-0628843-DBAD28", - "PkgName": "passwd", - "InstalledVersion": "1:4.5-1.1", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2010-4651", - "PkgName": "patch", - "InstalledVersion": "2.7.6-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "patch: directory traversal flaw allows for arbitrary file creation", - "Description": "Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.", - "Severity": "MEDIUM", - "References": [ - "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1", - "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", - "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html", - "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html", - "http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html", - "http://openwall.com/lists/oss-security/2011/01/05/10", - "http://openwall.com/lists/oss-security/2011/01/06/19", - "http://openwall.com/lists/oss-security/2011/01/06/20", - "http://openwall.com/lists/oss-security/2011/01/06/21", - "http://secunia.com/advisories/43663", - "http://secunia.com/advisories/43677", - "http://support.apple.com/kb/HT4723", - "http://www.securityfocus.com/bid/46768", - "http://www.vupen.com/english/advisories/2011/0600", - "https://bugzilla.redhat.com/show_bug.cgi?id=667529" - ] - }, - { - "VulnerabilityID": "CVE-2018-6951", - "PkgName": "patch", - "InstalledVersion": "2.7.6-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash", - "Description": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/103044", - "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a", - "https://savannah.gnu.org/bugs/index.php?53132", - "https://security.gentoo.org/glsa/201904-17", - "https://usn.ubuntu.com/3624-1/" - ] - }, - { - "VulnerabilityID": "CVE-2018-6952", - "PkgName": "patch", - "InstalledVersion": "2.7.6-3+deb10u1", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "patch: Double free of memory in pch.c:another_hunk() causes a crash", - "Description": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2018-6952.html", - "http://linux.oracle.com/errata/ELSA-2019-2033.html", - "http://www.securityfocus.com/bid/103047", - "https://savannah.gnu.org/bugs/index.php?53133", - "https://security.gentoo.org/glsa/201904-17" - ] - }, - { - "VulnerabilityID": "CVE-2011-4116", - "PkgName": "perl", - "InstalledVersion": "5.28.1-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "perl: File::Temp insecure temporary file handling", - "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238" - ] - }, - { - "VulnerabilityID": "CVE-2011-4116", - "PkgName": "perl-base", - "InstalledVersion": "5.28.1-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "perl: File::Temp insecure temporary file handling", - "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238" - ] - }, - { - "VulnerabilityID": "CVE-2011-4116", - "PkgName": "perl-modules-5.28", - "InstalledVersion": "5.28.1-6", - "Layer": { - "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", - "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" - }, - "Title": "perl: File::Temp insecure temporary file handling", - "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", - "Severity": "MEDIUM", - "References": [ - "http://www.openwall.com/lists/oss-security/2011/11/04/2", - "http://www.openwall.com/lists/oss-security/2011/11/04/4", - "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", - "https://rt.cpan.org/Public/Bug/Display.html?id=69106", - "https://seclists.org/oss-sec/2011/q4/238" - ] - }, - { - "VulnerabilityID": "CVE-2020-8492", - "PkgName": "python3.7", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", - "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue39503", - "https://github.com/python/cpython/pull/18284", - "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", - "https://security.netapp.com/advisory/ntap-20200221-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2017-17522", - "PkgName": "python3.7", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Command injection in Lib/webbrowser.py", - "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/102207", - "https://bugs.python.org/issue32367", - "https://security-tracker.debian.org/tracker/CVE-2017-17522" - ] - }, - { - "VulnerabilityID": "CVE-2019-18348", - "PkgName": "python3.7", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: CRLF injection via the host part of the url passed to urlopen()", - "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", - "Severity": "MEDIUM", - "References": [ - "https://bugs.python.org/issue30458#msg347282", - "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", - "https://security.netapp.com/advisory/ntap-20191107-0004/" - ] - }, - { - "VulnerabilityID": "CVE-2019-9674", - "PkgName": "python3.7", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", - "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue36260", - "https://bugs.python.org/issue36462", - "https://github.com/python/cpython/blob/master/Lib/zipfile.py", - "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", - "https://security.netapp.com/advisory/ntap-20200221-0003/", - "https://www.python.org/news/security/" - ] - }, - { - "VulnerabilityID": "CVE-2020-8492", - "PkgName": "python3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", - "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", - "Severity": "HIGH", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue39503", - "https://github.com/python/cpython/pull/18284", - "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", - "https://security.netapp.com/advisory/ntap-20200221-0001/" - ] - }, - { - "VulnerabilityID": "CVE-2017-17522", - "PkgName": "python3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Command injection in Lib/webbrowser.py", - "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/102207", - "https://bugs.python.org/issue32367", - "https://security-tracker.debian.org/tracker/CVE-2017-17522" - ] - }, - { - "VulnerabilityID": "CVE-2019-18348", - "PkgName": "python3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: CRLF injection via the host part of the url passed to urlopen()", - "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", - "Severity": "MEDIUM", - "References": [ - "https://bugs.python.org/issue30458#msg347282", - "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", - "https://security.netapp.com/advisory/ntap-20191107-0004/" - ] - }, - { - "VulnerabilityID": "CVE-2019-9674", - "PkgName": "python3.7-minimal", - "InstalledVersion": "3.7.3-2+deb10u1", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", - "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", - "Severity": "MEDIUM", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", - "https://bugs.python.org/issue36260", - "https://bugs.python.org/issue36462", - "https://github.com/python/cpython/blob/master/Lib/zipfile.py", - "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", - "https://security.netapp.com/advisory/ntap-20200221-0003/", - "https://www.python.org/news/security/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3843", - "PkgName": "systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108116", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3844", - "PkgName": "systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108096", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1712", - "PkgName": "systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: use-after-free when asynchronous polkit queries are performed", - "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-1712.html", - "http://linux.oracle.com/errata/ELSA-2020-0575.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", - "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", - "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", - "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", - "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", - "https://www.openwall.com/lists/oss-security/2020/02/05/1" - ] - }, - { - "VulnerabilityID": "CVE-2013-4392", - "PkgName": "systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", - "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "Severity": "LOW", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060" - ] - }, - { - "VulnerabilityID": "CVE-2019-20386", - "PkgName": "systemd", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", - "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://usn.ubuntu.com/4269-1/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3843", - "PkgName": "systemd-sysv", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108116", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2019-3844", - "PkgName": "systemd-sysv", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", - "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", - "Severity": "MEDIUM", - "References": [ - "http://www.securityfocus.com/bid/108096", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", - "https://security.netapp.com/advisory/ntap-20190619-0002/" - ] - }, - { - "VulnerabilityID": "CVE-2020-1712", - "PkgName": "systemd-sysv", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: use-after-free when asynchronous polkit queries are performed", - "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", - "Severity": "MEDIUM", - "References": [ - "http://linux.oracle.com/cve/CVE-2020-1712.html", - "http://linux.oracle.com/errata/ELSA-2020-0575.html", - "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", - "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", - "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", - "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", - "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", - "https://www.openwall.com/lists/oss-security/2020/02/05/1" - ] - }, - { - "VulnerabilityID": "CVE-2013-4392", - "PkgName": "systemd-sysv", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", - "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", - "Severity": "LOW", - "References": [ - "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", - "http://www.openwall.com/lists/oss-security/2013/10/01/9", - "https://bugzilla.redhat.com/show_bug.cgi?id=859060" - ] - }, - { - "VulnerabilityID": "CVE-2019-20386", - "PkgName": "systemd-sysv", - "InstalledVersion": "241-7~deb10u3", - "Layer": { - "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", - "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" - }, - "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", - "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", - "Severity": "LOW", - "References": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", - "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", - "https://security.netapp.com/advisory/ntap-20200210-0002/", - "https://usn.ubuntu.com/4269-1/" - ] - }, - { - "VulnerabilityID": "TEMP-0517018-A83CE6", - "PkgName": "sysvinit-utils", - "InstalledVersion": "2.93-8", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Severity": "LOW" - }, - { - "VulnerabilityID": "CVE-2005-2541", - "PkgName": "tar", - "InstalledVersion": "1.30+dfsg-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", - "Severity": "CRITICAL", - "References": [ - "http://marc.info/?l=bugtraq\u0026m=112327628230258\u0026w=2" - ] - }, - { - "VulnerabilityID": "CVE-2019-9923", - "PkgName": "tar", - "InstalledVersion": "1.30+dfsg-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Title": "tar: null-pointer dereference in pax_decode_header in sparse.c", - "Description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", - "Severity": "MEDIUM", - "References": [ - "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", - "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", - "http://savannah.gnu.org/bugs/?55369", - "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241" - ] - }, - { - "VulnerabilityID": "TEMP-0290435-0B57B5", - "PkgName": "tar", - "InstalledVersion": "1.30+dfsg-6", - "Layer": { - "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", - "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" - }, - "Severity": "LOW" - } - ] + "Vulnerabilities": + [ + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": + [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded", + ], + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": '** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server''s process group and use the server''s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server''s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."', + "Severity": "MEDIUM", + "References": + [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302", + ], + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "MEDIUM", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904", + ], + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": + [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215", + ], + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": 'Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867", + ], + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": + [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": + [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521", + ], + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "LOW", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": 'CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": + [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded", + ], + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": '** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server''s process group and use the server''s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server''s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."', + "Severity": "MEDIUM", + "References": + [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302", + ], + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "MEDIUM", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904", + ], + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": + [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215", + ], + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": 'Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867", + ], + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": + [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": + [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521", + ], + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "LOW", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": 'CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": + [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded", + ], + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": '** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server''s process group and use the server''s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server''s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."', + "Severity": "MEDIUM", + "References": + [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302", + ], + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "MEDIUM", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904", + ], + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": + [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215", + ], + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": 'Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867", + ], + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": + [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": + [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521", + ], + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "LOW", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": 'CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": + [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded", + ], + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": '** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server''s process group and use the server''s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server''s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."', + "Severity": "MEDIUM", + "References": + [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302", + ], + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "MEDIUM", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": 'suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904", + ], + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": + [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215", + ], + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": 'Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867", + ], + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": + [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": + [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521", + ], + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": 'The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.', + "Severity": "LOW", + "References": ["http://www.securityfocus.com/archive/1/313867"], + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": 'CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.', + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2011-3374", + "PkgName": "apt", + "InstalledVersion": "1.8.2", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "Severity": "MEDIUM", + "References": + [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + ], + }, + { + "VulnerabilityID": "CVE-2019-18276", + "PkgName": "bash", + "InstalledVersion": "5.0-4", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", + "Description": 'An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.', + "Severity": "HIGH", + "References": + [ + "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html", + "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff", + "https://www.youtube.com/watch?v=-wGtxJ8opa8", + ], + }, + { + "VulnerabilityID": "TEMP-0841856-B18BAF", + "PkgName": "bash", + "InstalledVersion": "5.0-4", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22009"], + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": + [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f", + ], + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": 'demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685", + ], + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335", + ], + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f", + ], + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767", + ], + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636", + ], + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61", + ], + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc", + ], + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a", + ], + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07", + ], + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7", + ], + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089", + ], + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca", + ], + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": 'The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039", + ], + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + ], + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031", + ], + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829", + ], + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078", + ], + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1", + ], + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168", + ], + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135", + ], + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474", + ], + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524", + ], + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040", + ], + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379", + ], + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22009"], + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": + [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f", + ], + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": 'demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685", + ], + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335", + ], + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f", + ], + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767", + ], + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636", + ], + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61", + ], + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc", + ], + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a", + ], + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07", + ], + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7", + ], + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089", + ], + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca", + ], + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": 'The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039", + ], + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + ], + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031", + ], + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829", + ], + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078", + ], + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1", + ], + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168", + ], + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135", + ], + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474", + ], + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524", + ], + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040", + ], + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379", + ], + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22009"], + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": + [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f", + ], + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": 'demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685", + ], + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335", + ], + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f", + ], + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767", + ], + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636", + ], + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61", + ], + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc", + ], + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a", + ], + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07", + ], + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7", + ], + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089", + ], + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca", + ], + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": 'The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039", + ], + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + ], + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031", + ], + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829", + ], + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078", + ], + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1", + ], + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168", + ], + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135", + ], + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474", + ], + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524", + ], + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040", + ], + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379", + ], + }, + { + "VulnerabilityID": "CVE-2016-2781", + "PkgName": "coreutils", + "InstalledVersion": "8.30-3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "coreutils: Non-privileged session can escape to the parent session in chroot", + "Description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "Severity": "LOW", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3", + ], + }, + { + "VulnerabilityID": "CVE-2017-18018", + "PkgName": "coreutils", + "InstalledVersion": "8.30-3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "coreutils: race condition vulnerability in chown and chgrp", + "Description": 'In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.', + "Severity": "LOW", + "References": + [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "cpp-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "cpp-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "g++-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "g++-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "gcc-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "gcc-8", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "gcc-8-base", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "gcc-8-base", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000021", + "PkgName": "git", + "InstalledVersion": "1:2.20.1-2+deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", + "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", + "Severity": "MEDIUM", + "References": + [ + "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000021", + "PkgName": "git-man", + "InstalledVersion": "1:2.20.1-2+deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", + "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", + "Severity": "MEDIUM", + "References": + [ + "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-14855", + "PkgName": "gpgv", + "InstalledVersion": "2.2.12-1+deb10u1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "Description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://rwc.iacr.org/2020/slides/Leurent.pdf", + ], + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513", + ], + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": 'The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272", + ], + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/633"], + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/634"], + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271", + ], + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515", + ], + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517", + ], + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520", + ], + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518", + ], + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519", + ], + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522", + ], + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": 'ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS', + "Description": 'ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450", + ], + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589", + ], + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe", + ], + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01", + ], + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91", + ], + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984", + ], + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4", + ], + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + ], + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557", + ], + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450", + ], + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451", + ], + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454", + ], + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453", + ], + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/1859"], + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": + [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt", + ], + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513", + ], + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": 'The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272", + ], + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/633"], + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/634"], + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271", + ], + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515", + ], + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517", + ], + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520", + ], + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518", + ], + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519", + ], + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522", + ], + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": 'ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS', + "Description": 'ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450", + ], + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589", + ], + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe", + ], + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01", + ], + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91", + ], + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984", + ], + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4", + ], + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + ], + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557", + ], + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450", + ], + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451", + ], + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454", + ], + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453", + ], + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/1859"], + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": + [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt", + ], + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513", + ], + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": 'The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272", + ], + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/633"], + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/634"], + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271", + ], + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515", + ], + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517", + ], + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520", + ], + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518", + ], + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519", + ], + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522", + ], + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": 'ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS', + "Description": 'ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450", + ], + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589", + ], + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe", + ], + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01", + ], + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91", + ], + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984", + ], + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4", + ], + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + ], + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557", + ], + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450", + ], + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451", + ], + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454", + ], + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453", + ], + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/1859"], + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": + [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt", + ], + }, + { + "VulnerabilityID": "CVE-2016-1585", + "PkgName": "libapparmor1", + "InstalledVersion": "2.13.2-10", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "In all versions of AppArmor mount rules are accidentally widened when compiled.", + "Severity": "HIGH", + "References": ["https://bugs.launchpad.net/apparmor/+bug/1597017"], + }, + { + "VulnerabilityID": "CVE-2011-3374", + "PkgName": "libapt-pkg5.0", + "InstalledVersion": "1.8.2", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "Severity": "MEDIUM", + "References": + [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libasan5", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libasan5", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libatomic1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libatomic1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-client3", + "InstalledVersion": "0.7-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories", + ], + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-common-data", + "InstalledVersion": "0.7-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories", + ], + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-common3", + "InstalledVersion": "0.7-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories", + ], + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22009"], + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": + [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f", + ], + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": 'demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057", + ], + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686", + ], + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685", + ], + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335", + ], + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f", + ], + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767", + ], + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636", + ], + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61", + ], + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc", + ], + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a", + ], + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07", + ], + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7", + ], + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089", + ], + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca", + ], + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": 'The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039", + ], + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243", + ], + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + ], + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031", + ], + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829", + ], + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078", + ], + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1", + ], + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168", + ], + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135", + ], + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474", + ], + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524", + ], + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040", + ], + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379", + ], + }, + { + "VulnerabilityID": "CVE-2019-20367", + "PkgName": "libbsd0", + "InstalledVersion": "0.9.1-2", + "Layer": + { + "Digest": "sha256:dcf4d822b25e881858974ef05d5237438ea75e79629228030993e01d8685cf3a", + "DiffID": "sha256:aabbe8e7814eee19746f5888f3909b5bf6961801bede1448d41519cd1344b78a", + }, + "Description": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).", + "Severity": "MEDIUM", + "References": + [ + "https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b", + "https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html", + "https://usn.ubuntu.com/4243-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22850"], + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH", + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": 'The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."', + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + ], + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": + [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + ], + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": '** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor''s position is "ASLR bypass itself is not a vulnerability."', + "Severity": "MEDIUM", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22853"], + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + ], + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + ], + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": + [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + ], + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22850"], + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH", + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": 'The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."', + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + ], + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": + [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + ], + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": '** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor''s position is "ASLR bypass itself is not a vulnerability."', + "Severity": "MEDIUM", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22853"], + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + ], + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + ], + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": + [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + ], + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22850"], + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH", + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": 'The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."', + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + ], + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": + [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + ], + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": '** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor''s position is "ASLR bypass itself is not a vulnerability."', + "Severity": "MEDIUM", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22853"], + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + ], + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + ], + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": + [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + ], + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22850"], + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH", + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": 'The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."', + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859", + ], + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": + [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223", + ], + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": + [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519", + ], + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097", + ], + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": '** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor''s position is "ASLR bypass itself is not a vulnerability."', + "Severity": "MEDIUM", + "References": + ["https://sourceware.org/bugzilla/show_bug.cgi?id=22853"], + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423", + ], + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": + [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", + ], + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": + [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", + ], + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f", + ], + }, + { + "VulnerabilityID": "CVE-2017-7475", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: NULL pointer dereference with a crafted font file", + "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", + "Severity": "MEDIUM", + "References": + [ + "http://seclists.org/oss-sec/2017/q2/151", + "https://bugs.freedesktop.org/show_bug.cgi?id=100763", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475", + ], + }, + { + "VulnerabilityID": "CVE-2017-9814", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", + "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.freedesktop.org/show_bug.cgi?id=101547", + "https://security.gentoo.org/glsa/201904-01", + ], + }, + { + "VulnerabilityID": "CVE-2018-18064", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", + "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", + "Severity": "MEDIUM", + "References": + ["https://gitlab.freedesktop.org/cairo/cairo/issues/341"], + }, + { + "VulnerabilityID": "CVE-2019-6461", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/352", + ], + }, + { + "VulnerabilityID": "CVE-2019-6462", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/353", + ], + }, + { + "VulnerabilityID": "CVE-2017-7475", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: NULL pointer dereference with a crafted font file", + "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", + "Severity": "MEDIUM", + "References": + [ + "http://seclists.org/oss-sec/2017/q2/151", + "https://bugs.freedesktop.org/show_bug.cgi?id=100763", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475", + ], + }, + { + "VulnerabilityID": "CVE-2017-9814", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", + "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.freedesktop.org/show_bug.cgi?id=101547", + "https://security.gentoo.org/glsa/201904-01", + ], + }, + { + "VulnerabilityID": "CVE-2018-18064", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", + "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", + "Severity": "MEDIUM", + "References": + ["https://gitlab.freedesktop.org/cairo/cairo/issues/341"], + }, + { + "VulnerabilityID": "CVE-2019-6461", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/352", + ], + }, + { + "VulnerabilityID": "CVE-2019-6462", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/353", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libcc1-0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libcc1-0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2017-8871", + "PkgName": "libcroco3", + "InstalledVersion": "0.6.12-3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libcroco: Infinite loop in the cr_parser_parse_selector_core function", + "Description": "The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=782649", + "https://www.exploit-db.com/exploits/42147/", + ], + }, + { + "VulnerabilityID": "CVE-2017-8834", + "PkgName": "libcroco3", + "InstalledVersion": "0.6.12-3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libcroco: Memory allocation failure in the cr_tknzr_parse_comment function", + "Description": "The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=782647", + "https://www.exploit-db.com/exploits/42147/", + ], + }, + { + "VulnerabilityID": "CVE-2014-8166", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cups: code execution via unescape ANSI escape sequences", + "Description": "The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2015/03/24/15", + "http://www.openwall.com/lists/oss-security/2015/03/24/2", + "http://www.securityfocus.com/bid/73300", + "https://bugzilla.redhat.com/show_bug.cgi?id=1084577", + ], + }, + { + "VulnerabilityID": "CVE-2020-3898", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c", + "Description": "No description is available for this CVE.", + "Severity": "MEDIUM", + }, + { + "VulnerabilityID": "CVE-2019-8842", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Severity": "UNKNOWN", + }, + { + "VulnerabilityID": "CVE-2013-0340", + "PkgName": "libexpat1", + "InstalledVersion": "2.2.6-2+deb10u1", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "expat: internal entity expansion", + "Description": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.", + "Severity": "MEDIUM", + "References": + [ + "http://openwall.com/lists/oss-security/2013/02/22/3", + "http://securitytracker.com/id?1028213", + "http://www.openwall.com/lists/oss-security/2013/04/12/6", + "http://www.osvdb.org/90634", + "http://www.securityfocus.com/bid/58233", + "https://security.gentoo.org/glsa/201701-21", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgcc-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgcc-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgcc1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgcc1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-6829", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "Description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12904", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack", + "Description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html", + "https://dev.gnupg.org/T4541", + "https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020", + "https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762", + "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13627", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "libgcrypt: ECDSA timing attack in the libgcrypt20 cryptographic library", + "Description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/", + ], + }, + { + "VulnerabilityID": "CVE-2012-0039", + "PkgName": "libglib2.0-0", + "InstalledVersion": "2.58.3-2+deb10u2", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "glib2: hash table collisions CPU usage DoS", + "Description": "** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.", + "Severity": "MEDIUM", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655044", + "http://mail.gnome.org/archives/gtk-devel-list/2003-May/msg00111.html", + "http://openwall.com/lists/oss-security/2012/01/10/12", + "https://bugzilla.redhat.com/show_bug.cgi?id=772720", + ], + }, + { + "VulnerabilityID": "CVE-2011-3389", + "PkgName": "libgnutls30", + "InstalledVersion": "3.6.7-4+deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "Description": 'The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.', + "Severity": "MEDIUM", + "References": + [ + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://linux.oracle.com/cve/CVE-2011-3389.html", + "http://linux.oracle.com/errata/ELSA-2011-1380.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=132872385320240\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgomp1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgomp1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libgssapi-krb5-2", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + ], + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libgssapi-krb5-2", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": + [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", + ], + }, + { + "VulnerabilityID": "CVE-2019-12290", + "PkgName": "libidn2-0", + "InstalledVersion": "2.0.5-1+deb10u1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "Severity": "MEDIUM", + "References": + [ + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://usn.ubuntu.com/4168-1/", + ], + }, + { + "VulnerabilityID": "CVE-2012-2663", + "PkgName": "libip4tc0", + "InstalledVersion": "1.8.2-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "iptables: --syn flag bypass", + "Description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "Severity": "HIGH", + "References": + [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702", + ], + }, + { + "VulnerabilityID": "CVE-2019-11360", + "PkgName": "libip4tc0", + "InstalledVersion": "1.8.2-4", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "Severity": "MEDIUM", + "References": + [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libitm1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libitm1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2017-9937", + "PkgName": "libjbig0", + "InstalledVersion": "2.1-3.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: memory malloc failure in tif_jbig.c could cause DOS.", + "Description": "In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.", + "Severity": "MEDIUM", + "References": + [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2707", + "http://www.securityfocus.com/bid/99304", + ], + }, + { + "VulnerabilityID": "CVE-2019-2201", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images", + "Description": "In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338", + "Severity": "CRITICAL", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/", + "https://source.android.com/security/bulletin/2019-11-01", + "https://usn.ubuntu.com/4190-1/", + ], + }, + { + "VulnerabilityID": "CVE-2017-15232", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c", + "Description": "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182", + "https://github.com/mozilla/mozjpeg/issues/268", + "https://usn.ubuntu.com/3706-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-1152", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image", + "Description": "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", + "http://www.securityfocus.com/bid/104543", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1152", + "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6", + "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html", + "https://usn.ubuntu.com/3706-1/", + "https://usn.ubuntu.com/3706-2/", + "https://www.tenable.com/security/research/tra-2018-17", + ], + }, + { + "VulnerabilityID": "CVE-2018-14498", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service", + "Description": "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-14498.html", + "http://linux.oracle.com/errata/ELSA-2019-3705.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14498", + "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55", + "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258", + "https://github.com/mozilla/mozjpeg/issues/299", + "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/", + ], + }, + { + "VulnerabilityID": "TEMP-0772585-D41D8C", + "PkgName": "libjson-glib-1.0-0", + "InstalledVersion": "1.4.4-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "TEMP-0772585-D41D8C", + "PkgName": "libjson-glib-1.0-common", + "InstalledVersion": "1.4.4-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libk5crypto3", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + ], + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libk5crypto3", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": + [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", + ], + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libkrb5-3", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + ], + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libkrb5-3", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": + [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", + ], + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libkrb5support0", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", + ], + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libkrb5support0", + "InstalledVersion": "1.17-3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": + [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", + ], + }, + { + "VulnerabilityID": "CVE-2015-3276", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", + "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2015-3276.html", + "http://linux.oracle.com/errata/ELSA-2015-2131.html", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + ], + }, + { + "VulnerabilityID": "CVE-2017-17740", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + ], + }, + { + "VulnerabilityID": "CVE-2017-14159", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: Privilege escalation via PID file manipulation", + "Description": 'slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript.', + "Severity": "LOW", + "References": ["http://www.openldap.org/its/index.cgi?findid=8703"], + }, + { + "VulnerabilityID": "CVE-2015-3276", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", + "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2015-3276.html", + "http://linux.oracle.com/errata/ELSA-2015-2131.html", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", + ], + }, + { + "VulnerabilityID": "CVE-2017-17740", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759", + ], + }, + { + "VulnerabilityID": "CVE-2017-14159", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openldap: Privilege escalation via PID file manipulation", + "Description": 'slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript.', + "Severity": "LOW", + "References": ["http://www.openldap.org/its/index.cgi?findid=8703"], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "liblsan0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "liblsan0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2019-17543", + "PkgName": "liblz4-1", + "InstalledVersion": "1.8.3-1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "lz4: heap-based buffer overflow in LZ4_write32", + "Description": 'LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."', + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E", + ], + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513", + ], + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": 'The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272", + ], + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/633"], + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/634"], + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271", + ], + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515", + ], + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517", + ], + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520", + ], + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518", + ], + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519", + ], + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522", + ], + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": 'ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS', + "Description": 'ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450", + ], + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589", + ], + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe", + ], + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01", + ], + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91", + ], + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984", + ], + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4", + ], + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + ], + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557", + ], + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450", + ], + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451", + ], + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454", + ], + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453", + ], + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/1859"], + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": + [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt", + ], + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513", + ], + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": 'The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272", + ], + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/633"], + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/634"], + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271", + ], + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515", + ], + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517", + ], + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520", + ], + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518", + ], + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519", + ], + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": 'ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522", + ], + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": 'ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS', + "Description": 'ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.', + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450", + ], + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589", + ], + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe", + ], + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01", + ], + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51", + ], + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91", + ], + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984", + ], + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4", + ], + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + ], + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557", + ], + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450", + ], + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451", + ], + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": + [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454", + ], + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453", + ], + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": + ["https://github.com/ImageMagick/ImageMagick/issues/1859"], + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": + [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libmpx2", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libmpx2", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "TEMP-0000000-A4EF31", + "PkgName": "libnghttp2-14", + "InstalledVersion": "1.36.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2017-17479", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: Stack-buffer overflow in the pgxtoimage function", + "Description": "In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.", + "Severity": "HIGH", + "References": ["https://github.com/uclouvain/openjpeg/issues/1044"], + }, + { + "VulnerabilityID": "CVE-2018-7648", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Description": "An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.", + "Severity": "HIGH", + "References": + [ + "https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5", + "https://github.com/uclouvain/openjpeg/issues/1088", + ], + }, + { + "VulnerabilityID": "CVE-2016-10505", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: NULL pointer dereference in imagetopnm function in convert.c", + "Description": "NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/uclouvain/openjpeg/issues/776", + "https://github.com/uclouvain/openjpeg/issues/784", + "https://github.com/uclouvain/openjpeg/issues/785", + "https://github.com/uclouvain/openjpeg/issues/792", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-10506", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c", + "Description": "Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/100573", + "https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b", + "https://github.com/uclouvain/openjpeg/issues/731", + "https://github.com/uclouvain/openjpeg/issues/732", + "https://github.com/uclouvain/openjpeg/issues/777", + "https://github.com/uclouvain/openjpeg/issues/778", + "https://github.com/uclouvain/openjpeg/issues/779", + "https://github.com/uclouvain/openjpeg/issues/780", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9113", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-\u003ecomps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/93980", + "https://github.com/uclouvain/openjpeg/issues/856", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9114", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image-\u003ecomps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/93979", + "https://github.com/uclouvain/openjpeg/issues/857", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9115", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/93977", + "https://github.com/uclouvain/openjpeg/issues/858", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9116", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/93975", + "https://github.com/uclouvain/openjpeg/issues/859", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9117", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/93783", + "https://github.com/uclouvain/openjpeg/issues/860", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9580", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow", + "Description": "An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/94822", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9580", + "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", + "https://github.com/uclouvain/openjpeg/issues/871", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2016-9581", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1", + "Description": "An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/94822", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581", + "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", + "https://github.com/uclouvain/openjpeg/issues/872", + "https://security.gentoo.org/glsa/201710-26", + ], + }, + { + "VulnerabilityID": "CVE-2018-16375", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c", + "Description": "An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/105266", + "https://github.com/uclouvain/openjpeg/issues/1126", + ], + }, + { + "VulnerabilityID": "CVE-2018-16376", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c", + "Description": "An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/105262", + "https://github.com/uclouvain/openjpeg/issues/1127", + ], + }, + { + "VulnerabilityID": "CVE-2018-20845", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: division-by-zero in function pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c", + "Description": "Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108921", + "https://github.com/uclouvain/openjpeg/pull/1168/commits/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf", + ], + }, + { + "VulnerabilityID": "CVE-2018-20846", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service", + "Description": "Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108921", + "https://github.com/uclouvain/openjpeg/pull/1168/commits/c277159986c80142180fbe5efb256bbf3bdf3edc", + ], + }, + { + "VulnerabilityID": "CVE-2018-5727", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c", + "Description": "In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.", + "Severity": "MEDIUM", + "References": ["https://github.com/uclouvain/openjpeg/issues/1053"], + }, + { + "VulnerabilityID": "CVE-2019-12973", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c", + "Description": "In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html", + "http://www.securityfocus.com/bid/108900", + "https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3", + "https://github.com/uclouvain/openjpeg/pull/1185/commits/cbe7384016083eac16078b359acd7a842253d503", + ], + }, + { + "VulnerabilityID": "CVE-2019-6988", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: DoS via memory exhaustion in opj_decompress", + "Description": "An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/106785", + "https://github.com/uclouvain/openjpeg/issues/1178", + ], + }, + { + "VulnerabilityID": "CVE-2020-6851", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()", + "Description": "OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-6851.html", + "http://linux.oracle.com/errata/ELSA-2020-0274.html", + "https://access.redhat.com/errata/RHSA-2020:0262", + "https://access.redhat.com/errata/RHSA-2020:0274", + "https://access.redhat.com/errata/RHSA-2020:0296", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851", + "https://github.com/uclouvain/openjpeg/issues/1228", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/", + ], + }, + { + "VulnerabilityID": "CVE-2020-8112", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c", + "Description": "opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-8112.html", + "http://linux.oracle.com/errata/ELSA-2020-0570.html", + "https://access.redhat.com/errata/RHSA-2020:0550", + "https://access.redhat.com/errata/RHSA-2020:0569", + "https://access.redhat.com/errata/RHSA-2020:0570", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112", + "https://github.com/uclouvain/openjpeg/issues/1231", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00035.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFEVEKETJV7GOXD5RDWL35ESEDHC663E/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1", + ], + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + ], + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-20454", + "PkgName": "libpcre2-8-0", + "InstalledVersion": "10.32-5", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "pcre: out-of-bounds read in JIT mode when \\X is used in non-UTF mode", + "Description": "An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \\X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.exim.org/show_bug.cgi?id=2421", + "https://bugs.php.net/bug.php?id=78338", + "https://bugzilla.redhat.com/show_bug.cgi?id=1735494", + "https://vcs.pcre.org/pcre2?view=revision\u0026revision=1092", + ], + }, + { + "VulnerabilityID": "CVE-2017-11164", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "Severity": "HIGH", + "References": + [ + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.securityfocus.com/bid/99575", + ], + }, + { + "VulnerabilityID": "CVE-2017-7245", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://security.gentoo.org/glsa/201710-25", + ], + }, + { + "VulnerabilityID": "CVE-2017-7246", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://security.gentoo.org/glsa/201710-25", + ], + }, + { + "VulnerabilityID": "CVE-2017-16231", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "Description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "Severity": "LOW", + "References": + [ + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://bugs.exim.org/show_bug.cgi?id=2047", + ], + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "libperl5.28", + "InstalledVersion": "5.28.1-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + ], + }, + { + "VulnerabilityID": "CVE-2018-14048", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libpng: Segmentation fault in png.c:png_free_data function causing denial of service", + "Description": "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.", + "Severity": "MEDIUM", + "References": + [ + "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", + "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "https://github.com/fouzhe/security/tree/master/libpng", + "https://github.com/glennrp/libpng/issues/238", + "https://seclists.org/bugtraq/2019/Apr/30", + "https://security.gentoo.org/glsa/201908-02", + ], + }, + { + "VulnerabilityID": "CVE-2018-14550", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libpng: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() potentially leading to arbitrary code execution", + "Description": "An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token", + "https://github.com/glennrp/libpng/issues/246", + "https://security.gentoo.org/glsa/201908-02", + ], + }, + { + "VulnerabilityID": "CVE-2019-6129", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libpng: memory leak of png_info struct in pngcp.c", + "Description": '** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don''t think it is libpng''s job to free this buffer."', + "Severity": "MEDIUM", + "References": + [ + "https://github.com/glennrp/libpng/issues/269", + "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", + ], + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522", + ], + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/", + ], + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/", + ], + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522", + ], + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/", + ], + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libquadmath0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libquadmath0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-2", + "InstalledVersion": "2.44.10-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", + ], + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-bin", + "InstalledVersion": "2.44.10-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", + ], + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-common", + "InstalledVersion": "2.44.10-2.1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", + ], + }, + { + "VulnerabilityID": "CVE-2019-9893", + "PkgName": "libseccomp2", + "InstalledVersion": "2.3.3-4", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "libseccomp: incorrect generation of syscall filters in libseccomp", + "Description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-9893.html", + "http://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://github.com/seccomp/libseccomp/issues/139", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/", + ], + }, + { + "VulnerabilityID": "CVE-2020-11656", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: use-after-free in the ALTER TABLE implementation", + "Description": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", + "Severity": "HIGH", + "References": + [ + "https://security.netapp.com/advisory/ntap-20200416-0001/", + "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", + "https://www3.sqlite.org/cgi/src/info/b64674919f673602", + ], + }, + { + "VulnerabilityID": "CVE-2019-16168", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: division by zero in whereLoopAddBtreeIndex in sqlite3.c", + "Description": 'In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."', + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZARJHJJDBHI7CE5PZEBXS5HKK6HXKW2/", + "https://security.netapp.com/advisory/ntap-20190926-0003/", + "https://security.netapp.com/advisory/ntap-20200122-0003/", + "https://usn.ubuntu.com/4205-1/", + "https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62", + "https://www.sqlite.org/src/timeline?c=98357d8c1263920b", + ], + }, + { + "VulnerabilityID": "CVE-2019-19242", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: SQL injection in sqlite3ExprCodeTarget in expr.c", + "Description": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c", + "https://usn.ubuntu.com/4205-1/", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-19244", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage", + "Description": "sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348", + "https://usn.ubuntu.com/4205-1/", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-19603", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: mishandles certain SELECT statements with a nonexistent VIEW, leading to DoS", + "Description": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13", + "https://security.netapp.com/advisory/ntap-20191223-0001/", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.sqlite.org/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19923", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference", + "Description": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).", + "Severity": "MEDIUM", + "References": + [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19923", + "https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35", + "https://security.netapp.com/advisory/ntap-20200114-0003/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19924", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting", + "Description": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3", + "https://security.netapp.com/advisory/ntap-20200114-0003/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19925", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive", + "Description": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.", + "Severity": "MEDIUM", + "References": + [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19925", + "https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618", + "https://security.netapp.com/advisory/ntap-20200114-0003/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19959", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames", + "Description": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec", + "https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1", + "https://security.netapp.com/advisory/ntap-20200204-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-20218", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error", + "Description": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387", + "https://usn.ubuntu.com/4298-1/", + ], + }, + { + "VulnerabilityID": "CVE-2020-11655", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: malformed window-function query leads to DoS", + "Description": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", + "Severity": "MEDIUM", + "References": + [ + "https://security.netapp.com/advisory/ntap-20200416-0001/", + "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", + "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", + ], + }, + { + "VulnerabilityID": "CVE-2020-9327", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations", + "Description": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.", + "Severity": "MEDIUM", + "References": + [ + "https://security.gentoo.org/glsa/202003-16", + "https://security.netapp.com/advisory/ntap-20200313-0002/", + "https://usn.ubuntu.com/4298-1/", + "https://www.sqlite.org/cgi/src/info/4374860b29383380", + "https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e", + "https://www.sqlite.org/cgi/src/info/abc473fb8fb99900", + ], + }, + { + "VulnerabilityID": "CVE-2019-19645", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements", + "Description": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", + "Severity": "LOW", + "References": + [ + "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", + "https://security.netapp.com/advisory/ntap-20191223-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-13115", + "PkgName": "libssh2-1", + "InstalledVersion": "1.8.0-2.1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write", + "Description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.", + "Severity": "MEDIUM", + "References": + [ + "https://blog.semmle.com/libssh2-integer-overflow/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115", + "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", + "https://github.com/libssh2/libssh2/pull/350", + "https://libssh2.org/changes.html", + "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-17498", + "PkgName": "libssh2-1", + "InstalledVersion": "1.8.0-2.1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c", + "Description": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", + "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498", + "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", + "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", + "https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94", + "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", + ], + }, + { + "VulnerabilityID": "CVE-2007-6755", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Dual_EC_DRBG: weak pseudo random number generator", + "Description": 'The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + { + "VulnerabilityID": "CVE-2010-0928", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openssl: RSA authentication weakness", + "Description": 'OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."', + "Severity": "MEDIUM", + "References": + [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + ], + }, + { + "VulnerabilityID": "CVE-2019-1551", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", + "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.tenable.com/security/tns-2019-09", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libstdc++-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libstdc++-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libstdc++6", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libstdc++6", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1", + ], + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + ], + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-1000654", + "PkgName": "libtasn1-6", + "InstalledVersion": "4.13-3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "Description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://gitlab.com/gnutls/libtasn1/issues/4", + ], + }, + { + "VulnerabilityID": "CVE-2017-9117", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: Heap-based buffer over-read in bmp2tiff", + "Description": "In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.", + "Severity": "HIGH", + "References": + [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2690", + "http://www.securityfocus.com/bid/98581", + "https://usn.ubuntu.com/3606-1/", + ], + }, + { + "VulnerabilityID": "CVE-2014-8130", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: divide by zero in the tiffdither tool", + "Description": "The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.", + "Severity": "MEDIUM", + "References": + [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2483", + "http://linux.oracle.com/cve/CVE-2014-8130.html", + "http://linux.oracle.com/errata/ELSA-2016-1547.html", + "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", + "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", + "http://openwall.com/lists/oss-security/2015/01/24/15", + "http://rhn.redhat.com/errata/RHSA-2016-1546.html", + "http://rhn.redhat.com/errata/RHSA-2016-1547.html", + "http://support.apple.com/kb/HT204941", + "http://support.apple.com/kb/HT204942", + "http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt", + "http://www.securityfocus.com/bid/72353", + "http://www.securitytracker.com/id/1032760", + "https://bugzilla.redhat.com/show_bug.cgi?id=1185817", + "https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543", + "https://security.gentoo.org/glsa/201701-16", + ], + }, + { + "VulnerabilityID": "CVE-2017-16232", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c", + "Description": "** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html", + "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html", + "http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html", + "http://seclists.org/fulldisclosure/2018/Dec/32", + "http://seclists.org/fulldisclosure/2018/Dec/47", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101696", + ], + }, + { + "VulnerabilityID": "CVE-2017-17973", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc", + "Description": "** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.", + "Severity": "MEDIUM", + "References": + [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2769", + "http://www.securityfocus.com/bid/102331", + "https://bugzilla.novell.com/show_bug.cgi?id=1074318", + "https://bugzilla.redhat.com/show_bug.cgi?id=1530912", + ], + }, + { + "VulnerabilityID": "CVE-2017-5563", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c", + "Description": "LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.", + "Severity": "MEDIUM", + "References": + [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2664", + "http://www.securityfocus.com/bid/95705", + "https://security.gentoo.org/glsa/201709-27", + "https://usn.ubuntu.com/3606-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-10126", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c", + "Description": "LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.", + "Severity": "MEDIUM", + "References": ["http://bugzilla.maptools.org/show_bug.cgi?id=2786"], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libtsan0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libtsan0", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libubsan1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": + [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libubsan1", + "InstalledVersion": "8.3.0-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": 'gcc: POWER9 "DARN" RNG intrinsic produces repeated output', + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481", + ], + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1", + ], + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + ], + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/", + ], + }, + { + "VulnerabilityID": "CVE-2016-9085", + "PkgName": "libwebp6", + "InstalledVersion": "0.6.1-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libwebp: Several integer overflows", + "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", + "Severity": "HIGH", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/27/3", + "http://www.securityfocus.com/bid/93928", + "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", + "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", + "https://security.gentoo.org/glsa/201701-61", + ], + }, + { + "VulnerabilityID": "CVE-2016-9085", + "PkgName": "libwebpmux3", + "InstalledVersion": "0.6.1-2", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "libwebp: Several integer overflows", + "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", + "Severity": "HIGH", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/27/3", + "http://www.securityfocus.com/bid/93928", + "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", + "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", + "https://security.gentoo.org/glsa/201701-61", + ], + }, + { + "VulnerabilityID": "CVE-2016-9318", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: XML External Entity vulnerability", + "Description": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/94347", + "https://bugzilla.gnome.org/show_bug.cgi?id=772726", + "https://github.com/lsh123/xmlsec/issues/43", + "https://security.gentoo.org/glsa/201711-01", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/3739-2/", + ], + }, + { + "VulnerabilityID": "CVE-2017-16932", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: Infinite recursion in parameter entities", + "Description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.", + "Severity": "MEDIUM", + "References": + [ + "http://xmlsoft.org/news.html", + "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=759579", + "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", + "https://github.com/sparklemotion/nokogiri/issues/1714", + "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", + "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/usn/usn-3504-1/", + ], + }, + { + "VulnerabilityID": "CVE-2017-18258", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", + "Description": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2017-18258.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258", + "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb", + "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://security.netapp.com/advisory/ntap-20190719-0001/", + "https://usn.ubuntu.com/3739-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-14404", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", + "Description": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-14404.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", + "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404", + "https://github.com/sparklemotion/nokogiri/issues/1785", + "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", + "https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594", + "https://gitlab.gnome.org/GNOME/libxml2/issues/10", + "https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/3739-2/", + ], + }, + { + "VulnerabilityID": "CVE-2018-14567", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", + "Description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-14567.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "http://www.securityfocus.com/bid/105198", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567", + "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://usn.ubuntu.com/3739-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19956", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash", + "Description": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.", + "Severity": "MEDIUM", + "References": + [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956", + "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html", + "https://security.netapp.com/advisory/ntap-20200114-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-20388", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c", + "Description": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.", + "Severity": "MEDIUM", + "References": + [ + "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", + ], + }, + { + "VulnerabilityID": "CVE-2020-7595", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": + { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6", + }, + "Title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations", + "Description": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/sparklemotion/nokogiri/issues/1992", + "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", + "https://usn.ubuntu.com/4274-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19814", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.", + "Severity": "CRITICAL", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19816", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.", + "Severity": "CRITICAL", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19816", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2008-4609", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: TCP protocol vulnerabilities from Outpost24", + "Description": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.", + "Severity": "HIGH", + "References": + [ + "http://blog.robertlee.name/2008/10/conjecture-speculation.html", + "http://insecure.org/stf/tcp-dos-attack-explained.html", + "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html", + "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2", + "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked", + "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml", + "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html", + "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf", + "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", + "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", + "http://www.outpost24.com/news/news-2008-10-02.html", + "http://www.us-cert.gov/cas/techalerts/TA09-251A.html", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340", + "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html", + ], + }, + { + "VulnerabilityID": "CVE-2013-7445", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects", + "Description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.", + "Severity": "HIGH", + "References": ["https://bugzilla.kernel.org/show_bug.cgi?id=60533"], + }, + { + "VulnerabilityID": "CVE-2018-20669", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: missing access_ok() checks in i915_gem_execbuffer2_ioctl() results in privilege escalation", + "Description": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.", + "Severity": "HIGH", + "References": + [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c", + "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", + "http://www.openwall.com/lists/oss-security/2019/01/23/6", + "http://www.securityfocus.com/bid/106748", + "https://access.redhat.com/security/cve/cve-2018-20669", + "https://security.netapp.com/advisory/ntap-20190404-0002/", + "https://support.f5.com/csp/article/K32059550", + ], + }, + { + "VulnerabilityID": "CVE-2019-12456", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c", + "Description": '** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.', + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1717182", + "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue\u0026id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/", + "https://lkml.org/lkml/2019/5/29/1164", + ], + }, + { + "VulnerabilityID": "CVE-2019-12615", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in get_vdev_port_node_info in arch /sparc/kernel/mdesc.c", + "Description": "An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info-\u003evdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "HIGH", + "References": + [ + "http://www.securityfocus.com/bid/108549", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc.git/commit/?id=80caf43549e7e41a695c6d1e11066286538b336f", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2014901.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-16229", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c", + "Description": "** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id.", + "Severity": "HIGH", + "References": + [ + "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16230", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c", + "Description": "** DISPUTED ** drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics card occurs during boot. It is not attacker controllable and OOM at that time is highly unlikely.", + "Severity": "HIGH", + "References": + [ + "https://bugzilla.suse.com/show_bug.cgi?id=1150468", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16231", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c", + "Description": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16231.html", + "http://linux.oracle.com/errata/ELSA-2020-5533.html", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16232", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c", + "Description": "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": + [ + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16233", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c", + "Description": "drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-16233.html", + "http://linux.oracle.com/errata/ELSA-2020-5508.html", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-16234", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c", + "Description": "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": + [ + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-18814", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in aa_audit_rule_init() in security/apparmor/audit.c", + "Description": "An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.", + "Severity": "HIGH", + "References": + [ + "https://lore.kernel.org/patchwork/patch/1142523/", + "https://support.f5.com/csp/article/K21561554?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-19054", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allows attackers to cause a DoS", + "Description": "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.", + "Severity": "HIGH", + "References": + [ + "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19061", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c allows for a DoS", + "Description": "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.", + "Severity": "HIGH", + "References": + [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9", + "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4208-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19064", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a DoS", + "Description": "** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time.", + "Severity": "HIGH", + "References": + [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157300", + "https://github.com/torvalds/linux/commit/057b8945f78f76d0b04eeb5c27cd9225e5e7ad86", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19067", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS", + "Description": "** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.", + "Severity": "HIGH", + "References": + [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157180", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", + "https://github.com/torvalds/linux/commit/57be09c6e8747bf48704136d9e3f92bfb93f5725", + ], + }, + { + "VulnerabilityID": "CVE-2019-19070", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS", + "Description": "** DISPUTED ** A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began.", + "Severity": "HIGH", + "References": + [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157294", + "https://github.com/torvalds/linux/commit/d3b0ffa1d75d5305ebe34735598993afbb8a869d", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19072", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS", + "Description": "A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.", + "Severity": "HIGH", + "References": + [ + "https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19074", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: a memory leak in the ath9k management function in allows local DoS", + "Description": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.", + "Severity": "HIGH", + "References": + [ + "https://github.com/torvalds/linux/commit/728c1e2a05e4b5fc52fab3421dce772a806612a2", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19813", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in __mutex_lock in kernel/locking/mutex.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.", + "Severity": "HIGH", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19815", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.", + "Severity": "HIGH", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19815", + "https://github.com/torvalds/linux/commit/4969c06a0d83c9c3dc50b8efcdc8eeedfce896f6#diff-41a7fa4590d2af87e82101f2b4dadb56", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1749", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: some ipv6 protocols not encrypted over ipsec tunnel.", + "Description": "A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.", + "Severity": "HIGH", + }, + { + "VulnerabilityID": "CVE-2004-0230", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.", + "Severity": "MEDIUM", + "References": + [ + "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc", + "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt", + "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt", + "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt", + "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc", + "http://kb.juniper.net/JSA10638", + "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2", + "http://secunia.com/advisories/11440", + "http://secunia.com/advisories/11458", + "http://secunia.com/advisories/22341", + "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml", + "http://www.kb.cert.org/vuls/id/415294", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.osvdb.org/4030", + "http://www.securityfocus.com/archive/1/449179/100/0/threaded", + "http://www.securityfocus.com/bid/10183", + "http://www.uniras.gov.uk/vuls/2004/236929/index.htm", + "http://www.us-cert.gov/cas/techalerts/TA04-111A.html", + "http://www.vupen.com/english/advisories/2006/3983", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886", + "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711", + ], + }, + { + "VulnerabilityID": "CVE-2005-3660", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.", + "Severity": "MEDIUM", + "References": + [ + "http://secunia.com/advisories/18205", + "http://securityreason.com/securityalert/291", + "http://securitytracker.com/id?1015402", + "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=362", + "http://www.securityfocus.com/bid/16041", + "http://www.vupen.com/english/advisories/2005/3076", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/23835", + ], + }, + { + "VulnerabilityID": "CVE-2008-2544", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount is rw", + "Description": "No description is available for this CVE.", + "Severity": "MEDIUM", + }, + { + "VulnerabilityID": "CVE-2010-4563", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: ipv6: sniffer detection", + "Description": "The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping.", + "Severity": "MEDIUM", + "References": + [ + "http://seclists.org/dailydave/2011/q2/25", + "http://seclists.org/fulldisclosure/2011/Apr/254", + ], + }, + { + "VulnerabilityID": "CVE-2010-5321", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap()", + "Description": "Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.", + "Severity": "MEDIUM", + "References": + [ + "http://linuxtv.org/irc/v4l/index.php?date=2010-07-29", + "http://www.openwall.com/lists/oss-security/2015/02/08/4", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340", + "https://bugzilla.kernel.org/show_bug.cgi?id=120571", + "https://bugzilla.redhat.com/show_bug.cgi?id=620629", + ], + }, + { + "VulnerabilityID": "CVE-2012-4542", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: block: default SCSI command filter does not accommodate commands overlap across device classes", + "Description": "block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2012-4542.html", + "http://linux.oracle.com/errata/ELSA-2013-2534.html", + "http://marc.info/?l=linux-kernel\u0026m=135903967015813\u0026w=2", + "http://marc.info/?l=linux-kernel\u0026m=135904012416042\u0026w=2", + "http://rhn.redhat.com/errata/RHSA-2013-0496.html", + "http://rhn.redhat.com/errata/RHSA-2013-0579.html", + "http://rhn.redhat.com/errata/RHSA-2013-0882.html", + "http://rhn.redhat.com/errata/RHSA-2013-0928.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=875360", + "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=76a274e17114abf1a77de6b651424648ce9e10c8", + ], + }, + { + "VulnerabilityID": "CVE-2014-9892", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.", + "Severity": "MEDIUM", + "References": + [ + "http://source.android.com/security/bulletin/2016-08-01.html", + "http://www.securityfocus.com/bid/92222", + "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e", + ], + }, + { + "VulnerabilityID": "CVE-2014-9900", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol()", + "Description": "The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754.", + "Severity": "MEDIUM", + "References": + [ + "http://source.android.com/security/bulletin/2016-08-01.html", + "http://www.securityfocus.com/bid/92222", + "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=63c317dbee97983004dffdd9f742a20d17150071", + ], + }, + { + "VulnerabilityID": "CVE-2016-10723", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": '** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that "the underlying problem is non-trivial to handle."', + "Severity": "MEDIUM", + "References": + [ + "https://patchwork.kernel.org/patch/10395909/", + "https://patchwork.kernel.org/patch/9842889/", + "https://www.spinics.net/lists/linux-mm/msg117896.html", + ], + }, + { + "VulnerabilityID": "CVE-2016-8660", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation", + "Description": 'The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."', + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2016/10/13/8", + "http://www.securityfocus.com/bid/93558", + "https://bugzilla.redhat.com/show_bug.cgi?id=1384851", + ], + }, + { + "VulnerabilityID": "CVE-2017-13693", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: ACPI operand cache leak in dsutils.c", + "Description": "The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/100502", + "https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732", + "https://patchwork.kernel.org/patch/9919053/", + ], + }, + { + "VulnerabilityID": "CVE-2018-1121", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "procps-ng, procps: process hiding through race condition enumerating /proc", + "Description": "procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.", + "Severity": "MEDIUM", + "References": + [ + "http://seclists.org/oss-sec/2018/q2/122", + "http://www.securityfocus.com/bid/104214", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121", + "https://security.gentoo.org/glsa/201805-14", + "https://www.exploit-db.com/exploits/44806/", + "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt", + ], + }, + { + "VulnerabilityID": "CVE-2018-12928", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko", + "Description": "In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/104593", + "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384", + "https://marc.info/?l=linux-fsdevel\u0026m=152407263325766\u0026w=2", + ], + }, + { + "VulnerabilityID": "CVE-2018-17977", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets resulting in a denial of service", + "Description": "The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/105539", + "https://www.openwall.com/lists/oss-security/2018/10/05/5", + ], + }, + { + "VulnerabilityID": "CVE-2018-3693", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Kernel: speculative bounds check bypass store", + "Description": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-3693.html", + "http://linux.oracle.com/errata/ELSA-2018-2390.html", + "https://01.org/security/advisories/intel-oss-10002", + "https://access.redhat.com/errata/RHSA-2018:2384", + "https://access.redhat.com/errata/RHSA-2018:2390", + "https://access.redhat.com/errata/RHSA-2018:2395", + "https://access.redhat.com/errata/RHSA-2019:1946", + "https://access.redhat.com/solutions/3523601", + "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "https://people.csail.mit.edu/vlk/spectre11.pdf", + "https://security.netapp.com/advisory/ntap-20180823-0001/", + "https://software.intel.com/sites/default/files/managed/4e/a1/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf", + "https://thehackernews.com/2018/07/intel-spectre-vulnerability.html", + "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "https://www.suse.com/support/kb/doc/?id=7023075", + ], + }, + { + "VulnerabilityID": "CVE-2019-12378", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service", + "Description": "** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12378.html", + "http://linux.oracle.com/errata/ELSA-2019-4746.html", + "http://www.securityfocus.com/bid/108475", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/25/229", + ], + }, + { + "VulnerabilityID": "CVE-2019-12379", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c", + "Description": "** DISPUTED ** An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108478", + "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next\u0026id=84ecc2f6eb1cb12e6d44818f94fa49b50f06e6ac", + "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing\u0026id=15b3cd8ef46ad1b100e0d3c7e38774f330726820", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-12381", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service", + "Description": "An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12381.html", + "http://linux.oracle.com/errata/ELSA-2019-4746.html", + "http://www.securityfocus.com/bid/108473", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/25/230", + ], + }, + { + "VulnerabilityID": "CVE-2019-12382", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service", + "Description": "An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-12382.html", + "http://linux.oracle.com/errata/ELSA-2020-1016.html", + "http://www.securityfocus.com/bid/108474", + "https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/24/843", + ], + }, + { + "VulnerabilityID": "CVE-2019-12455", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing denial of service", + "Description": "** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because β€œThe memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.”.", + "Severity": "MEDIUM", + "References": + [ + "https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3\u0026id=fcdf445ff42f036d22178b49cf64e92d527c1330", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2010240.html", + ], + }, + { + "VulnerabilityID": "CVE-2019-15213", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c", + "Description": "An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-15213.html", + "http://linux.oracle.com/errata/ELSA-2019-4872.html", + "http://www.openwall.com/lists/oss-security/2019/08/20/2", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3", + "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7", + "https://security.netapp.com/advisory/ntap-20190905-0002/", + "https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced", + ], + }, + { + "VulnerabilityID": "CVE-2019-16089", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c", + "Description": "An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.", + "Severity": "MEDIUM", + "References": + [ + "https://lore.kernel.org/patchwork/patch/1106884/", + "https://lore.kernel.org/patchwork/patch/1126650/", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + "https://support.f5.com/csp/article/K03814795?utm_source=f5support\u0026amp;utm_medium=RSS", + ], + }, + { + "VulnerabilityID": "CVE-2019-19036", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: null-pointer dereference in btrfs_root_node in fs/btrfs/ctree.c", + "Description": "btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-\u003enode) can be zero.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19036", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19046", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c", + "Description": "** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://bugzilla.suse.com/show_bug.cgi?id=1157304", + "https://github.com/torvalds/linux/commit/4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + "https://usn.ubuntu.com/4302-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19082", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc leads to DoS", + "Description": "Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://github.com/torvalds/linux/commit/104c307147ad379617472dd91a5bcb368d72bd6d", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4258-1/", + "https://usn.ubuntu.com/4284-1/", + "https://usn.ubuntu.com/4287-1/", + "https://usn.ubuntu.com/4287-2/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19083", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc leads to DoS", + "Description": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", + "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4208-1/", + "https://usn.ubuntu.com/4226-1/", + "https://usn.ubuntu.com/4227-1/", + "https://usn.ubuntu.com/4227-2/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19318", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c", + "Description": "In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19318", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19377", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19378", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19448", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c", + "Description": "In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19449", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19462", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: NULL pointer dereference in relay_open in kernel/relay.c", + "Description": "relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.", + "Severity": "MEDIUM", + "References": + [ + "https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/", + "https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8", + "https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531", + "https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046", + "https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b", + ], + }, + { + "VulnerabilityID": "CVE-2019-19768", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c", + "Description": "In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-19768.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=205711", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19770", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c", + "Description": "** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.", + "Severity": "MEDIUM", + "References": + [ + "https://bugzilla.kernel.org/show_bug.cgi?id=205713", + "https://lore.kernel.org/linux-block/20200402000002.7442-1-mcgrof@kernel.org/", + "https://security.netapp.com/advisory/ntap-20200103-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2020-10708", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: race condition in kernel/audit.c may allow low privilege users trigger kernel panic", + "Description": "A race condition flaw was found in the Linux kernel audit subsystem. When the system is configured to panic on events being dropped, an attacker can use this flaw to trigger an audit event that begins while the audit is in the process of starting, causing the system to panic by exploiting a race condition in the audit event handling. This attack results in a denial of service.", + "Severity": "MEDIUM", + "References": + ["https://www.openwall.com/lists/oss-security/2020/04/17/1"], + }, + { + "VulnerabilityID": "CVE-2020-10942", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field", + "Description": "In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-10942.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8", + "https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64", + "https://lkml.org/lkml/2020/2/15/125", + "https://security.netapp.com/advisory/ntap-20200403-0003/", + ], + }, + { + "VulnerabilityID": "CVE-2020-11565", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c", + "Description": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue β€œis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”.", + "Severity": "MEDIUM", + "References": + [ + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd", + "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd", + ], + }, + { + "VulnerabilityID": "CVE-2020-11609", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.", + "Severity": "MEDIUM", + "References": + [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=485b06aadb933190f4bc44e006076bc27a23f205", + "https://github.com/torvalds/linux/commit/485b06aadb933190f4bc44e006076bc27a23f205", + ], + }, + { + "VulnerabilityID": "CVE-2020-11668", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c", + "Description": "In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.", + "Severity": "MEDIUM", + "References": + [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a246b4d547708f33ff4d4b9a7a5dbac741dc89d8", + "https://github.com/torvalds/linux/commit/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8", + ], + }, + { + "VulnerabilityID": "CVE-2020-11669", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: powerpc: guest can cause DoS on POWER9 KVM hosts", + "Description": "An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.", + "Severity": "MEDIUM", + "References": + [ + "https://access.redhat.com/errata/RHSA-2019:3517", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0", + "https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html", + ], + }, + { + "VulnerabilityID": "CVE-2020-11725", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: improper handling of private_size*count multiplication due to count=info-\u003eowner typo", + "Description": "** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-\u003eowner line, which later affects a private_size*count multiplication for unspecified \"interesting side effects.\" NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info-\u003eowner field to represent data unrelated to the \"owner\" concept. The existing callers, SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE, have been designed to misuse the info-\u003eowner field in a safe way.", + "Severity": "MEDIUM", + "References": + [ + "https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474", + "https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/", + "https://twitter.com/yabbadabbadrew/status/1248632267028582400", + ], + }, + { + "VulnerabilityID": "CVE-2020-7053", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c", + "Description": "In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-7053.html", + "http://linux.oracle.com/errata/ELSA-2020-5569.html", + "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310", + "https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com", + "https://security.netapp.com/advisory/ntap-20200204-0002/", + "https://usn.ubuntu.com/4255-1/", + "https://usn.ubuntu.com/4255-2/", + ], + }, + { + "VulnerabilityID": "CVE-2020-8992", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: soft lockup via a crafted journal size in ext4_protect_reserved_inode in fs/ext4/block_validity.c", + "Description": "ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-8992.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://patchwork.ozlabs.org/patch/1236118/", + "https://security.netapp.com/advisory/ntap-20200313-0003/", + ], + }, + { + "VulnerabilityID": "CVE-2007-3719", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: secretly Monopolizing the CPU Without Superuser Privileges", + "Description": 'The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."', + "Severity": "LOW", + "References": + [ + "http://osvdb.org/37127", + "http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf", + ], + }, + { + "VulnerabilityID": "CVE-2011-4915", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.", + "Severity": "LOW", + "References": + [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201", + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2ef990ab5a6705a356d146dd773a3b359787497", + "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4915.html", + "http://www.openwall.com/lists/oss-security/2011/11/07/9", + "https://lkml.org/lkml/2011/11/7/340", + "https://seclists.org/oss-sec/2011/q4/571", + "https://security-tracker.debian.org/tracker/CVE-2011-4915", + "https://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-about-keyboard-11131", + ], + }, + { + "VulnerabilityID": "CVE-2011-4917", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2015-2877", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Kernel: Cross-VM ASL INtrospection (CAIN)", + "Description": '** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities.', + "Severity": "LOW", + "References": + [ + "http://www.antoniobarresi.com/files/cain_advisory.txt", + "http://www.kb.cert.org/vuls/id/935424", + "http://www.securityfocus.com/bid/76256", + "https://bugzilla.redhat.com/show_bug.cgi?id=1252096", + "https://www.kb.cert.org/vuls/id/BGAR-A2CNKG", + "https://www.kb.cert.org/vuls/id/BLUU-9ZAHZH", + "https://www.usenix.org/system/files/conference/woot15/woot15-paper-barresi.pdf", + ], + }, + { + "VulnerabilityID": "CVE-2017-0630", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Information disclosure vulnerability in kernel trace subsystem", + "Description": "An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34277115.", + "Severity": "LOW", + "References": + [ + "http://www.securityfocus.com/bid/98213", + "https://source.android.com/security/bulletin/2017-05-01", + "https://source.android.com/security/bulletin/2017-05-01#id-in-kernel-trace-subsystem", + ], + }, + { + "VulnerabilityID": "CVE-2017-13694", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: ACPI node and node_ext cache leak", + "Description": "The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", + "Severity": "LOW", + "References": + [ + "http://www.securityfocus.com/bid/100500", + "https://github.com/acpica/acpica/pull/278/commits/4a0243ecb4c94e2d73510d096c5ea4d0711fc6c0", + "https://patchwork.kernel.org/patch/9806085/", + ], + }, + { + "VulnerabilityID": "CVE-2018-8043", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: NULL pointer dereference in drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() can lead to denial of service", + "Description": "The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).", + "Severity": "LOW", + "References": + [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", + "http://linux.oracle.com/cve/CVE-2018-8043.html", + "http://linux.oracle.com/errata/ELSA-2019-4509.html", + "http://www.securitytracker.com/id/1040749", + "https://github.com/torvalds/linux/commit/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", + "https://usn.ubuntu.com/3619-1/", + "https://usn.ubuntu.com/3619-2/", + "https://usn.ubuntu.com/3630-1/", + "https://usn.ubuntu.com/3630-2/", + "https://usn.ubuntu.com/3632-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-11191", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out programs", + "Description": "The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", + "Severity": "LOW", + "References": + [ + "http://www.openwall.com/lists/oss-security/2019/04/18/5", + "http://www.openwall.com/lists/oss-security/2019/05/22/7", + "http://www.securityfocus.com/bid/107887", + "https://usn.ubuntu.com/4006-1/", + "https://usn.ubuntu.com/4006-2/", + "https://usn.ubuntu.com/4007-1/", + "https://usn.ubuntu.com/4007-2/", + "https://usn.ubuntu.com/4008-1/", + "https://usn.ubuntu.com/4008-3/", + "https://www.openwall.com/lists/oss-security/2019/04/03/4", + "https://www.openwall.com/lists/oss-security/2019/04/03/4/1", + ], + }, + { + "VulnerabilityID": "CVE-2019-12380", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory allocation failure in the efi subsystem leads to denial of service", + "Description": "**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because β€œAll the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", + "http://www.securityfocus.com/bid/108477", + "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-18808", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c", + "Description": "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-18885", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: fs/btrfs/volumes.c allows a btrfs_verify_dev_extents NULL pointer dereference", + "Description": "fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices-\u003edevices is mishandled within find_device, aka CID-09ba3bc9dd15.", + "Severity": "LOW", + "References": + [ + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ba3bc9dd150457c506e4661380a6183af651c1", + "https://github.com/bobfuzzer/CVE-2019-18885", + "https://github.com/torvalds/linux/commit/09ba3bc9dd150457c506e4661380a6183af651c1", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-19039", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: information disclosure in __btrfs_free_extent in fs/btrfs/extent-tree.c", + "Description": "** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because β€œ1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”", + "Severity": "LOW", + "References": + ["https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19039"], + }, + { + "VulnerabilityID": "CVE-2019-19073", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)", + "Description": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://github.com/torvalds/linux/commit/853acf7caf10b828102d92d05b5c101666a6142b", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3016", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: kvm: Information leak within a KVM guest", + "Description": "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.", + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-3016.html", + "http://linux.oracle.com/errata/ELSA-2020-5533.html", + "http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html", + "http://www.openwall.com/lists/oss-security/2020/01/30/4", + "https://bugzilla.redhat.com/show_bug.cgi?id=1792167", + "https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7", + "https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e", + "https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589", + "https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e", + "https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796", + "https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini@redhat.com/", + "https://security.netapp.com/advisory/ntap-20200313-0003/", + "https://usn.ubuntu.com/4300-1/", + "https://usn.ubuntu.com/4301-1/", + "https://www.openwall.com/lists/oss-security/2020/01/30/4", + ], + }, + { + "VulnerabilityID": "CVE-2019-3874", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: SCTP socket buffer memory leak leading to denial of service", + "Description": "The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.", + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2019-3874.html", + "http://linux.oracle.com/errata/ELSA-2019-3517.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874", + "https://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594", + "https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u", + "https://security.netapp.com/advisory/ntap-20190411-0003/", + "https://usn.ubuntu.com/3979-1/", + "https://usn.ubuntu.com/3980-1/", + "https://usn.ubuntu.com/3980-2/", + "https://usn.ubuntu.com/3981-1/", + "https://usn.ubuntu.com/3981-2/", + "https://usn.ubuntu.com/3982-1/", + "https://usn.ubuntu.com/3982-2/", + ], + }, + { + "VulnerabilityID": "CVE-2020-0009", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932", + "Severity": "LOW", + "References": + [ + "http://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html", + "https://source.android.com/security/bulletin/2020-01-01", + ], + }, + { + "VulnerabilityID": "CVE-2020-0067", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.", + "Severity": "LOW", + "References": + [ + "http://android.googlesource.com/kernel/common/+/688078e7", + "https://source.android.com/security/bulletin/pixel/2020-04-01", + ], + }, + { + "VulnerabilityID": "CVE-2020-11494", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: transmission of uninitialized data allows attackers to read sensitive information", + "Description": "An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.", + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-11494.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html", + "https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264", + ], + }, + { + "VulnerabilityID": "CVE-2020-11608", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.", + "Severity": "LOW", + "References": + [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=998912346c0da53a6dbb71fab3a138586b596b30", + "https://github.com/torvalds/linux/commit/998912346c0da53a6dbb71fab3a138586b596b30", + ], + }, + { + "VulnerabilityID": "CVE-2020-2732", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources", + "Description": "A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.", + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-2732.html", + "http://linux.oracle.com/errata/ELSA-2020-5543.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1805135", + "https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec", + "https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c", + "https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d", + "https://linux.oracle.com/errata/ELSA-2020-5540.html", + "https://linux.oracle.com/errata/ELSA-2020-5542.html", + "https://linux.oracle.com/errata/ELSA-2020-5543.html", + "https://www.openwall.com/lists/oss-security/2020/02/25/3", + "https://www.spinics.net/lists/kvm/msg208259.html", + ], + }, + { + "VulnerabilityID": "CVE-2020-8428", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in fs/namei.c", + "Description": "fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.", + "Severity": "LOW", + "References": + [ + "http://www.openwall.com/lists/oss-security/2020/01/28/4", + "http://www.openwall.com/lists/oss-security/2020/02/02/1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d0cb50185ae942b03c4327be322055d622dc79f6", + "https://github.com/torvalds/linux/commit/d0cb50185ae942b03c4327be322055d622dc79f6", + "https://www.openwall.com/lists/oss-security/2020/01/28/2", + ], + }, + { + "VulnerabilityID": "CVE-2020-8647", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206359", + ], + }, + { + "VulnerabilityID": "CVE-2020-8648", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206361", + ], + }, + { + "VulnerabilityID": "CVE-2020-8649", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206357", + ], + }, + { + "VulnerabilityID": "CVE-2020-9383", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c", + "Description": "An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.", + "Severity": "LOW", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-9383.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3", + "https://security.netapp.com/advisory/ntap-20200313-0003/", + ], + }, + { + "VulnerabilityID": "TEMP-0000000-F7A20F", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2019-15794", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Description": "Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-\u003evm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.", + "Severity": "UNKNOWN", + "References": + [ + "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=270d16ae48a4dbf1c7e25e94cc3e38b4bea37635", + "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=ef81780548d20a786cc77ed4203fca146fd81ce3", + "https://usn.ubuntu.com/usn/usn-4208-1", + "https://usn.ubuntu.com/usn/usn-4209-1", + ], + }, + { + "VulnerabilityID": "CVE-2007-5686", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "Severity": "MEDIUM", + "References": + [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + { + "VulnerabilityID": "CVE-2018-7169", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "Description": 'An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.', + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://security.gentoo.org/glsa/201805-09", + ], + }, + { + "VulnerabilityID": "CVE-2019-19882", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + ], + }, + { + "VulnerabilityID": "CVE-2013-4235", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "Severity": "LOW", + "References": + [ + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + ], + }, + { + "VulnerabilityID": "TEMP-0628843-DBAD28", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2008-1687", + "PkgName": "m4", + "InstalledVersion": "1.4.18-2", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "m4: unquoted output of maketemp and mkstemp", + "Description": "The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.", + "Severity": "HIGH", + "References": + [ + "http://secunia.com/advisories/29671", + "http://secunia.com/advisories/29729", + "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", + "http://www.openwall.com/lists/oss-security/2008/04/07/1", + "http://www.openwall.com/lists/oss-security/2008/04/07/12", + "http://www.openwall.com/lists/oss-security/2008/04/07/3", + "http://www.openwall.com/lists/oss-security/2008/04/07/4", + "http://www.securityfocus.com/bid/28688", + "http://www.vupen.com/english/advisories/2008/1151/references", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/41706", + ], + }, + { + "VulnerabilityID": "CVE-2008-1688", + "PkgName": "m4", + "InstalledVersion": "1.4.18-2", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "m4: code execution via -F argument", + "Description": "Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.", + "Severity": "HIGH", + "References": + [ + "http://osvdb.org/44272", + "http://secunia.com/advisories/29671", + "http://secunia.com/advisories/29729", + "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", + "http://www.openwall.com/lists/oss-security/2008/04/07/1", + "http://www.openwall.com/lists/oss-security/2008/04/07/3", + "http://www.securityfocus.com/bid/28688", + "http://www.vupen.com/english/advisories/2008/1151/references", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/41704", + ], + }, + { + "VulnerabilityID": "CVE-2007-6755", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "Dual_EC_DRBG: weak pseudo random number generator", + "Description": 'The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.', + "Severity": "MEDIUM", + "References": + [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + ], + }, + { + "VulnerabilityID": "CVE-2010-0928", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openssl: RSA authentication weakness", + "Description": 'OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."', + "Severity": "MEDIUM", + "References": + [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + ], + }, + { + "VulnerabilityID": "CVE-2019-1551", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", + "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.tenable.com/security/tns-2019-09", + ], + }, + { + "VulnerabilityID": "CVE-2007-5686", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "Severity": "MEDIUM", + "References": + [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825", + ], + }, + { + "VulnerabilityID": "CVE-2018-7169", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "Description": 'An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.', + "Severity": "MEDIUM", + "References": + [ + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://security.gentoo.org/glsa/201805-09", + ], + }, + { + "VulnerabilityID": "CVE-2019-19882", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580", + ], + }, + { + "VulnerabilityID": "CVE-2013-4235", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "Severity": "LOW", + "References": + [ + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235", + ], + }, + { + "VulnerabilityID": "TEMP-0628843-DBAD28", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2010-4651", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "patch: directory traversal flaw allows for arbitrary file creation", + "Description": "Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.", + "Severity": "MEDIUM", + "References": + [ + "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1", + "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", + "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html", + "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html", + "http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html", + "http://openwall.com/lists/oss-security/2011/01/05/10", + "http://openwall.com/lists/oss-security/2011/01/06/19", + "http://openwall.com/lists/oss-security/2011/01/06/20", + "http://openwall.com/lists/oss-security/2011/01/06/21", + "http://secunia.com/advisories/43663", + "http://secunia.com/advisories/43677", + "http://support.apple.com/kb/HT4723", + "http://www.securityfocus.com/bid/46768", + "http://www.vupen.com/english/advisories/2011/0600", + "https://bugzilla.redhat.com/show_bug.cgi?id=667529", + ], + }, + { + "VulnerabilityID": "CVE-2018-6951", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash", + "Description": 'An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.', + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/103044", + "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a", + "https://savannah.gnu.org/bugs/index.php?53132", + "https://security.gentoo.org/glsa/201904-17", + "https://usn.ubuntu.com/3624-1/", + ], + }, + { + "VulnerabilityID": "CVE-2018-6952", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "patch: Double free of memory in pch.c:another_hunk() causes a crash", + "Description": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2018-6952.html", + "http://linux.oracle.com/errata/ELSA-2019-2033.html", + "http://www.securityfocus.com/bid/103047", + "https://savannah.gnu.org/bugs/index.php?53133", + "https://security.gentoo.org/glsa/201904-17", + ], + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl", + "InstalledVersion": "5.28.1-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + ], + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl-base", + "InstalledVersion": "5.28.1-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + ], + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl-modules-5.28", + "InstalledVersion": "5.28.1-6", + "Layer": + { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731", + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": + [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238", + ], + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522", + ], + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/", + ], + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/", + ], + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/", + ], + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522", + ], + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": + [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/", + ], + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1", + ], + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + ], + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": + [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/", + ], + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": + [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1", + ], + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": + [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060", + ], + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": + { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1", + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": + [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/", + ], + }, + { + "VulnerabilityID": "TEMP-0517018-A83CE6", + "PkgName": "sysvinit-utils", + "InstalledVersion": "2.93-8", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Severity": "LOW", + }, + { + "VulnerabilityID": "CVE-2005-2541", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "Severity": "CRITICAL", + "References": + ["http://marc.info/?l=bugtraq\u0026m=112327628230258\u0026w=2"], + }, + { + "VulnerabilityID": "CVE-2019-9923", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Title": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "Description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", + "Severity": "MEDIUM", + "References": + [ + "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "http://savannah.gnu.org/bugs/?55369", + "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241", + ], + }, + { + "VulnerabilityID": "TEMP-0290435-0B57B5", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": + { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", + }, + "Severity": "LOW", + }, + ], }, { "Target": "var/www/html/extensions/CategoryTree/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Cite/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/CiteThisPage/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/CodeEditor/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/ConfirmEdit/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Gadgets/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/ImageMap/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/InputBox/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Interwiki/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/LocalisationUpdate/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/MultimediaViewer/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Nuke/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/OATHAuth/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/PageImages/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/ParserFunctions/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/PdfHandler/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Poem/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Renameuser/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/ReplaceText/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/Scribunto/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/SpamBlacklist/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/SyntaxHighlight_GeSHi/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/TextExtracts/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/TitleBlacklist/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/extensions/WikiEditor/package-lock.json", - "Vulnerabilities": null - }, - { - "Target": "var/www/html/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, + { "Target": "var/www/html/package-lock.json", "Vulnerabilities": null }, { "Target": "var/www/html/skins/MonoBook/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/skins/Vector/package-lock.json", - "Vulnerabilities": null + "Vulnerabilities": null, }, { "Target": "var/www/html/tests/phpunit/data/composer/composer.lock", - "Vulnerabilities": null - } + "Vulnerabilities": null, + }, ] diff --git a/scanners/trivy/parser/__testFiles__/juice-shop-v10.2.0.json b/scanners/trivy/parser/__testFiles__/juice-shop-v10.2.0.json index cb2fcd8867..07bf689798 100644 --- a/scanners/trivy/parser/__testFiles__/juice-shop-v10.2.0.json +++ b/scanners/trivy/parser/__testFiles__/juice-shop-v10.2.0.json @@ -19,9 +19,7 @@ "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3", "sha256:77765a8e5ad0104144e543b4c5f8ad079f890ee666ae2c3e3f10ae26b8a936da" ], - "RepoTags": [ - "bkimminich/juice-shop:v10.2.0" - ], + "RepoTags": ["bkimminich/juice-shop:v10.2.0"], "RepoDigests": [ "bkimminich/juice-shop@sha256:b1802758946aa40549b98ee6b8f93e9b92d0a6bf7aed139284893466be9c5065" ], @@ -134,13 +132,8 @@ ] }, "config": { - "Cmd": [ - "npm", - "start" - ], - "Entrypoint": [ - "docker-entrypoint.sh" - ], + "Cmd": ["npm", "start"], + "Entrypoint": ["docker-entrypoint.sh"], "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NODE_VERSION=12.16.2", @@ -189,9 +182,7 @@ "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-36159", "Description": "libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\\0' terminator one byte too late.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P", @@ -224,9 +215,7 @@ "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-30139", "Description": "In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.", "Severity": "HIGH", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -256,9 +245,7 @@ "Title": "busybox: invalid free or segmentation fault via malformed gzip data", "Description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", "Severity": "HIGH", - "CweIDs": [ - "CWE-755" - ], + "CweIDs": ["CWE-755"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -297,9 +284,7 @@ "Title": "openssl: SM2 Decryption Buffer Overflow", "Description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-120" - ], + "CweIDs": ["CWE-120"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -343,9 +328,7 @@ "Title": "openssl: Segmentation fault in SSL_check_chain causes denial of service", "Description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "Severity": "HIGH", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -409,11 +392,9 @@ "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23840", "Title": "openssl: integer overflow in CipherUpdate", - "Description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "Description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "Severity": "HIGH", - "CweIDs": [ - "CWE-190" - ], + "CweIDs": ["CWE-190"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -466,9 +447,7 @@ "Title": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "Description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a \"purpose\" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named \"purpose\" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", "Severity": "HIGH", - "CweIDs": [ - "CWE-295" - ], + "CweIDs": ["CWE-295"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N", @@ -523,9 +502,7 @@ "Title": "openssl: Read buffer overruns processing ASN.1 strings", "Description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "Severity": "HIGH", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", @@ -576,9 +553,7 @@ "Title": "openssl: EDIPARTYNAME NULL pointer de-reference", "Description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -638,9 +613,7 @@ "Title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "Description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-190" - ], + "CweIDs": ["CWE-190"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -696,9 +669,7 @@ "Title": "openssl: NULL pointer dereference in signature_algorithms processing", "Description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -760,9 +731,7 @@ "Title": "openssl: incorrect SSLv2 rollback protection", "Description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "Severity": "LOW", - "CweIDs": [ - "CWE-326" - ], + "CweIDs": ["CWE-326"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -801,9 +770,7 @@ "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", "Severity": "HIGH", - "CweIDs": [ - "CWE-331" - ], + "CweIDs": ["CWE-331"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", @@ -841,9 +808,7 @@ "Title": "openssl: SM2 Decryption Buffer Overflow", "Description": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-120" - ], + "CweIDs": ["CWE-120"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -887,9 +852,7 @@ "Title": "openssl: Segmentation fault in SSL_check_chain causes denial of service", "Description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "Severity": "HIGH", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -953,11 +916,9 @@ "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23840", "Title": "openssl: integer overflow in CipherUpdate", - "Description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", + "Description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "Severity": "HIGH", - "CweIDs": [ - "CWE-190" - ], + "CweIDs": ["CWE-190"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -1010,9 +971,7 @@ "Title": "openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT", "Description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a \"purpose\" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named \"purpose\" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).", "Severity": "HIGH", - "CweIDs": [ - "CWE-295" - ], + "CweIDs": ["CWE-295"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N", @@ -1067,9 +1026,7 @@ "Title": "openssl: Read buffer overruns processing ASN.1 strings", "Description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "Severity": "HIGH", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", @@ -1120,9 +1077,7 @@ "Title": "openssl: EDIPARTYNAME NULL pointer de-reference", "Description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -1182,9 +1137,7 @@ "Title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "Description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-190" - ], + "CweIDs": ["CWE-190"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -1240,9 +1193,7 @@ "Title": "openssl: NULL pointer dereference in signature_algorithms processing", "Description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", @@ -1304,9 +1255,7 @@ "Title": "openssl: incorrect SSLv2 rollback protection", "Description": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "Severity": "LOW", - "CweIDs": [ - "CWE-326" - ], + "CweIDs": ["CWE-326"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -1345,9 +1294,7 @@ "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", "Severity": "HIGH", - "CweIDs": [ - "CWE-331" - ], + "CweIDs": ["CWE-331"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", @@ -1384,9 +1331,7 @@ "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-28928", "Description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-787" - ], + "CweIDs": ["CWE-787"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P", @@ -1423,9 +1368,7 @@ "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-28928", "Description": "In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-787" - ], + "CweIDs": ["CWE-787"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P", @@ -1463,9 +1406,7 @@ "Title": "busybox: invalid free or segmentation fault via malformed gzip data", "Description": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.", "Severity": "HIGH", - "CweIDs": [ - "CWE-755" - ], + "CweIDs": ["CWE-755"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -1621,9 +1562,7 @@ "Title": "nodejs-bl: buffer over-read vulnerability leads to corrupted BufferList which can result in uninitialized memory being leaked", "Description": "A buffer over-read vulnerability exists in bl \u003c4.0.3, \u003c3.0.1, \u003c2.2.1, and \u003c1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P", @@ -1662,9 +1601,7 @@ "Title": "nodejs-bl: buffer over-read vulnerability leads to corrupted BufferList which can result in uninitialized memory being leaked", "Description": "A buffer over-read vulnerability exists in bl \u003c4.0.3, \u003c3.0.1, \u003c2.2.1, and \u003c1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-125" - ], + "CweIDs": ["CWE-125"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P", @@ -1703,9 +1640,7 @@ "Title": "nodejs-color-string: Regular expression denial of service when the application is provided and checks a crafted invalid HWB string", "Description": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-770" - ], + "CweIDs": ["CWE-770"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -1764,9 +1699,7 @@ "Title": "nodejs-dot-prop: prototype pollution", "Description": "Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.", "Severity": "HIGH", - "CweIDs": [ - "CWE-425" - ], + "CweIDs": ["CWE-425"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -1806,9 +1739,7 @@ "Title": "Authorization bypass in express-jwt", "Description": "In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-285" - ], + "CweIDs": ["CWE-285"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -1877,9 +1808,7 @@ "Title": "nodejs-growl: Does not properly sanitize input before passing it to exec", "Description": "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-78" - ], + "CweIDs": ["CWE-78"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -1918,9 +1847,7 @@ "Title": "Arbitrary Code Execution in grunt", "Description": "The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.", "Severity": "HIGH", - "CweIDs": [ - "CWE-1188" - ], + "CweIDs": ["CWE-1188"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:H/Au:S/C:P/I:P/A:P", @@ -2001,9 +1928,7 @@ "Title": "nodejs-ini: Prototype pollution via malicious INI file", "Description": "This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.", "Severity": "HIGH", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -2045,9 +1970,7 @@ "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-327" - ], + "CweIDs": ["CWE-327"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -2105,9 +2028,7 @@ "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-327" - ], + "CweIDs": ["CWE-327"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -2226,9 +2147,7 @@ "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", "Severity": "HIGH", - "CweIDs": [ - "CWE-770" - ], + "CweIDs": ["CWE-770"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", @@ -2270,9 +2189,7 @@ "Title": "nodejs-lodash: command injection via template", "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "Severity": "HIGH", - "CweIDs": [ - "CWE-77" - ], + "CweIDs": ["CWE-77"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", @@ -2395,9 +2312,7 @@ "Title": "lodash: uncontrolled resource consumption in Data handler causing denial of service", "Description": "lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-770" - ], + "CweIDs": ["CWE-770"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P", @@ -2477,9 +2392,7 @@ "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", "Severity": "HIGH", - "CweIDs": [ - "CWE-770" - ], + "CweIDs": ["CWE-770"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", @@ -2521,9 +2434,7 @@ "Title": "nodejs-lodash: command injection via template", "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "Severity": "HIGH", - "CweIDs": [ - "CWE-77" - ], + "CweIDs": ["CWE-77"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", @@ -2569,9 +2480,7 @@ "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", "Severity": "HIGH", - "CweIDs": [ - "CWE-770" - ], + "CweIDs": ["CWE-770"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", @@ -2613,9 +2522,7 @@ "Title": "nodejs-lodash: command injection via template", "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "Severity": "HIGH", - "CweIDs": [ - "CWE-77" - ], + "CweIDs": ["CWE-77"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", @@ -2698,9 +2605,7 @@ "Title": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload", "Description": "minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a \"constructor\" or \"__proto__\" payload.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-20" - ], + "CweIDs": ["CWE-20"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", @@ -2739,9 +2644,7 @@ "Title": "nodejs-moment: Regular expression denial of service", "Description": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", "Severity": "HIGH", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -2779,9 +2682,7 @@ "Title": "moment.js: regular expression denial of service", "Description": "The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-399" - ], + "CweIDs": ["CWE-399"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", @@ -2826,10 +2727,7 @@ "Title": "npm: sensitive information exposure through logs", "Description": "Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like \"\u003cprotocol\u003e://[\u003cuser\u003e[:\u003cpassword\u003e]@]\u003chostname\u003e[:\u003cport\u003e][:][/]\u003cpath\u003e\". The password value is not redacted and is printed to stdout and also to any generated log files.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-532", - "CWE-532" - ], + "CweIDs": ["CWE-532", "CWE-532"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N", @@ -2992,9 +2890,7 @@ "Title": "Remote code execution via the `pretty` option.", "Description": "Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was possible for them to achieve remote code execution on the node.js backend. This is fixed in version 3.0.1. This advisory applies to multiple pug packages including \"pug\", \"pug-code-gen\". pug-code-gen has a backported fix at version 2.0.3. This advisory is not exploitable if there is no way for un-trusted input to be passed to pug as the `pretty` option, e.g. if you compile templates in advance before applying user input to them, you do not need to upgrade.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-74" - ], + "CweIDs": ["CWE-74"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", @@ -3032,9 +2928,7 @@ "Title": "Remote code execution via the `pretty` option.", "Description": "Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was possible for them to achieve remote code execution on the node.js backend. This is fixed in version 3.0.1. This advisory applies to multiple pug packages including \"pug\", \"pug-code-gen\". pug-code-gen has a backported fix at version 2.0.3. This advisory is not exploitable if there is no way for un-trusted input to be passed to pug as the `pretty` option, e.g. if you compile templates in advance before applying user input to them, you do not need to upgrade.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-74" - ], + "CweIDs": ["CWE-74"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", @@ -3072,9 +2966,7 @@ "Title": "XSS - Sanitization not applied recursively", "Description": "sanitize-html before 1.4.3 has XSS.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-79" - ], + "CweIDs": ["CWE-79"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -3108,9 +3000,7 @@ "Title": "Cross-Site Scripting in sanitize-html", "Description": "Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-79" - ], + "CweIDs": ["CWE-79"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -3236,9 +3126,7 @@ "Title": "nodejs-set-value: type confusion allows bypass of CVE-2019-10747", "Description": "This affects the package set-value before \u003c2.0.1, \u003e=3.0.0 \u003c4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-843" - ], + "CweIDs": ["CWE-843"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -3278,9 +3166,7 @@ "Title": "Insecure defaults due to CORS misconfiguration in socket.io", "Description": "The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-346" - ], + "CweIDs": ["CWE-346"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N", @@ -3315,9 +3201,7 @@ "Title": "yarnpkg-socket.io-parser: a denial of service (memory consumption) via a large packet because a concatenation approach is used", "Description": "socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.", "Severity": "HIGH", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -3356,9 +3240,7 @@ "Title": "yarnpkg-socket.io-parser: a denial of service (memory consumption) via a large packet because a concatenation approach is used", "Description": "socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.", "Severity": "HIGH", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -3438,9 +3320,7 @@ "Title": "nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite", "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.", "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], + "CweIDs": ["CWE-22"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", @@ -3482,9 +3362,7 @@ "Title": "nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite", "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.", "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], + "CweIDs": ["CWE-22"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", @@ -3526,10 +3404,7 @@ "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\\` and `/` characters as path separators, however `\\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc.", "Severity": "HIGH", - "CweIDs": [ - "CWE-22", - "CWE-59" - ], + "CweIDs": ["CWE-22", "CWE-59"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", @@ -3568,10 +3443,7 @@ "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 \"short path\" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p.", "Severity": "HIGH", - "CweIDs": [ - "CWE-22", - "CWE-59" - ], + "CweIDs": ["CWE-22", "CWE-59"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", @@ -3610,9 +3482,7 @@ "Title": "Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization", "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not extracted. This is, in part, accomplished by sanitizing absolute paths of entries within the archive, skipping archive entries that contain `..` path portions, and resolving the sanitized paths against the extraction target directory. This logic was insufficient on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as `C:some\\path`. If the drive letter does not match the extraction target, for example `D:\\extraction\\dir`, then the result of `path.resolve(extractionDirectory, entryPath)` would resolve against the current working directory on the `C:` drive, rather than the extraction target directory. Additionally, a `..` portion of the path could occur immediately after the drive letter, such as `C:../foo`, and was not properly sanitized by the logic that checked for `..` within the normalized and split portions of the path. This only affects users of `node-tar` on Windows systems. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. There is no reasonable way to work around this issue without performing the same path normalization procedures that node-tar now does. Users are encouraged to upgrade to the latest patched versions of node-tar, rather than attempt to sanitize paths themselves.", "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], + "CweIDs": ["CWE-22"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", @@ -3705,9 +3575,7 @@ "Title": "nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server", "Description": "ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server. The vulnerability has been fixed in ws@7.4.6 (https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff). In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the [`--max-http-header-size=size`](https://nodejs.org/api/cli.html#cli_max_http_header_size_size) and/or the [`maxHeaderSize`](https://nodejs.org/api/http.html#http_http_createserver_options_requestlistener) options.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -3745,9 +3613,7 @@ "Title": "nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server", "Description": "ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server. The vulnerability has been fixed in ws@7.4.6 (https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff). In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the [`--max-http-header-size=size`](https://nodejs.org/api/cli.html#cli_max_http_header_size_size) and/or the [`maxHeaderSize`](https://nodejs.org/api/http.html#http_http_createserver_options_requestlistener) options.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-400" - ], + "CweIDs": ["CWE-400"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -3785,9 +3651,7 @@ "Title": "xmlhttprequest-ssl: SSL certificate validation disabled by default", "Description": "The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.", "Severity": "CRITICAL", - "CweIDs": [ - "CWE-295" - ], + "CweIDs": ["CWE-295"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -3826,9 +3690,7 @@ "Title": "nodejs-xmlhttprequest: Code injection through user input to xhr.send", "Description": "This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run.", "Severity": "HIGH", - "CweIDs": [ - "CWE-94" - ], + "CweIDs": ["CWE-94"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", @@ -3868,9 +3730,7 @@ "Title": "nodejs-y18n: prototype pollution vulnerability", "Description": "This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true", "Severity": "HIGH", - "CweIDs": [ - "CWE-20" - ], + "CweIDs": ["CWE-20"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -3912,9 +3772,7 @@ "Title": "nodejs-y18n: prototype pollution vulnerability", "Description": "This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true", "Severity": "HIGH", - "CweIDs": [ - "CWE-20" - ], + "CweIDs": ["CWE-20"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -3956,9 +3814,7 @@ "Title": "nodejs-yargs-parser: prototype pollution vulnerability", "Description": "yargs-parser could be tricked into adding or modifying properties of Object.prototype using a \"__proto__\" payload.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-20" - ], + "CweIDs": ["CWE-20"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P", @@ -3996,9 +3852,7 @@ "Title": "nodejs-yargs-parser: prototype pollution vulnerability", "Description": "yargs-parser could be tricked into adding or modifying properties of Object.prototype using a \"__proto__\" payload.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-20" - ], + "CweIDs": ["CWE-20"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P", diff --git a/scanners/trivy/parser/__testFiles__/juice-shop-v12.10.2.json b/scanners/trivy/parser/__testFiles__/juice-shop-v12.10.2.json index 63a070a53a..cf3c681f41 100644 --- a/scanners/trivy/parser/__testFiles__/juice-shop-v12.10.2.json +++ b/scanners/trivy/parser/__testFiles__/juice-shop-v12.10.2.json @@ -1,600 +1,582 @@ - { - "SchemaVersion": 2, - "ArtifactName": "bkimminich/juice-shop:v12.10.2", - "ArtifactType": "container_image", - "Metadata": { + "SchemaVersion": 2, + "ArtifactName": "bkimminich/juice-shop:v12.10.2", + "ArtifactType": "container_image", + "Metadata": { "OS": { - "Family": "alpine", - "Name": "3.11.12", - "EOSL": true + "Family": "alpine", + "Name": "3.11.12", + "EOSL": true }, "ImageID": "sha256:be30ca1df4be08840f6ca53885a1d371d35f54eae326161a2a40aa3c535fe703", "DiffIDs": [ - "sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7", - "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210", - "sha256:b8f0e895f5208b04d533d013ddec6f12642fdd679ef70bc1497ffe733c97428b", - "sha256:446ec7c50f08cfba388bcebe29f54b2a46a5ddccdabd6b4caac21cbdb7c60b4b", - "sha256:14bfcbbb53f34ede6cd7b031e162c5943a738eb21543ca1fdfdc0cc1ab578c07", - "sha256:96fd22f85d18e17255224d3bf9a75ea7da9985ecad19780e762815410c64a780", - "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1", - "sha256:873323b172036f6876ecc04895b0f8832ccecef9601ae723633fe08b9886ea83" - ], - "RepoTags": [ - "bkimminich/juice-shop:v12.10.2" + "sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7", + "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210", + "sha256:b8f0e895f5208b04d533d013ddec6f12642fdd679ef70bc1497ffe733c97428b", + "sha256:446ec7c50f08cfba388bcebe29f54b2a46a5ddccdabd6b4caac21cbdb7c60b4b", + "sha256:14bfcbbb53f34ede6cd7b031e162c5943a738eb21543ca1fdfdc0cc1ab578c07", + "sha256:96fd22f85d18e17255224d3bf9a75ea7da9985ecad19780e762815410c64a780", + "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1", + "sha256:873323b172036f6876ecc04895b0f8832ccecef9601ae723633fe08b9886ea83" ], + "RepoTags": ["bkimminich/juice-shop:v12.10.2"], "RepoDigests": [ - "bkimminich/juice-shop@sha256:33238f8c6291415c499265629b1b82ef791f5a33dff09f25c07264204a26f89b" + "bkimminich/juice-shop@sha256:33238f8c6291415c499265629b1b82ef791f5a33dff09f25c07264204a26f89b" ], "ImageConfig": { - "architecture": "amd64", - "created": "2021-10-12T21:23:22.113753293Z", - "history": [ + "architecture": "amd64", + "created": "2021-10-12T21:23:22.113753293Z", + "history": [ { - "created": "2021-08-31T23:18:31.206789071Z", - "created_by": "/bin/sh -c #(nop) ADD file:9d14b11183983923090d9e6d15cc51ee210466296e913bfefbfd580b3de59c95 in / " + "created": "2021-08-31T23:18:31.206789071Z", + "created_by": "/bin/sh -c #(nop) ADD file:9d14b11183983923090d9e6d15cc51ee210466296e913bfefbfd580b3de59c95 in / " }, { - "created": "2021-08-31T23:18:31.468221118Z", - "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", - "empty_layer": true + "created": "2021-08-31T23:18:31.468221118Z", + "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", + "empty_layer": true }, { - "created": "2021-08-31T23:43:22.542236428Z", - "created_by": "/bin/sh -c #(nop) ENV NODE_VERSION=12.22.6", - "empty_layer": true + "created": "2021-08-31T23:43:22.542236428Z", + "created_by": "/bin/sh -c #(nop) ENV NODE_VERSION=12.22.6", + "empty_layer": true }, { - "created": "2021-08-31T23:43:28.741308375Z", - "created_by": "/bin/sh -c addgroup -g 1000 node \u0026\u0026 adduser -u 1000 -G node -s /bin/sh -D node \u0026\u0026 apk add --no-cache libstdc++ \u0026\u0026 apk add --no-cache --virtual .build-deps curl \u0026\u0026 ARCH= \u0026\u0026 alpineArch=\"$(apk --print-arch)\" \u0026\u0026 case \"${alpineArch##*-}\" in x86_64) ARCH='x64' CHECKSUM=\"0ce2b97ecbbd84f1a5ed13278ed6845d93c6454d8550730b247a990438dba322\" ;; *) ;; esac \u0026\u0026 if [ -n \"${CHECKSUM}\" ]; then set -eu; curl -fsSLO --compressed \"https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\"; echo \"$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" | sha256sum -c - \u0026\u0026 tar -xJf \"node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" -C /usr/local --strip-components=1 --no-same-owner \u0026\u0026 ln -s /usr/local/bin/node /usr/local/bin/nodejs; else echo \"Building from source\" \u0026\u0026 apk add --no-cache --virtual .build-deps-full binutils-gold g++ gcc gnupg libgcc linux-headers make python2 \u0026\u0026 for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 74F12602B6F1C4E913FAA37AD3A89613643B6201 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C DD8F2338BAE7501E3DD5AC78C273792F7D83545D A48C2BEE680E841632CD4E44F07496B3EB3C1762 108F52B48DB57BB0CC439B2997B01419BD92F80A B9E2F5981AA6E0CD28160D9FF13993A75599653C ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys \"$key\" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \"$key\" ; done \u0026\u0026 curl -fsSLO --compressed \"https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz\" \u0026\u0026 curl -fsSLO --compressed \"https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc\" \u0026\u0026 gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \u0026\u0026 grep \" node-v$NODE_VERSION.tar.xz\\$\" SHASUMS256.txt | sha256sum -c - \u0026\u0026 tar -xf \"node-v$NODE_VERSION.tar.xz\" \u0026\u0026 cd \"node-v$NODE_VERSION\" \u0026\u0026 ./configure \u0026\u0026 make -j$(getconf _NPROCESSORS_ONLN) V= \u0026\u0026 make install \u0026\u0026 apk del .build-deps-full \u0026\u0026 cd .. \u0026\u0026 rm -Rf \"node-v$NODE_VERSION\" \u0026\u0026 rm \"node-v$NODE_VERSION.tar.xz\" SHASUMS256.txt.asc SHASUMS256.txt; fi \u0026\u0026 rm -f \"node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" \u0026\u0026 apk del .build-deps \u0026\u0026 node --version \u0026\u0026 npm --version" + "created": "2021-08-31T23:43:28.741308375Z", + "created_by": "/bin/sh -c addgroup -g 1000 node \u0026\u0026 adduser -u 1000 -G node -s /bin/sh -D node \u0026\u0026 apk add --no-cache libstdc++ \u0026\u0026 apk add --no-cache --virtual .build-deps curl \u0026\u0026 ARCH= \u0026\u0026 alpineArch=\"$(apk --print-arch)\" \u0026\u0026 case \"${alpineArch##*-}\" in x86_64) ARCH='x64' CHECKSUM=\"0ce2b97ecbbd84f1a5ed13278ed6845d93c6454d8550730b247a990438dba322\" ;; *) ;; esac \u0026\u0026 if [ -n \"${CHECKSUM}\" ]; then set -eu; curl -fsSLO --compressed \"https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\"; echo \"$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" | sha256sum -c - \u0026\u0026 tar -xJf \"node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" -C /usr/local --strip-components=1 --no-same-owner \u0026\u0026 ln -s /usr/local/bin/node /usr/local/bin/nodejs; else echo \"Building from source\" \u0026\u0026 apk add --no-cache --virtual .build-deps-full binutils-gold g++ gcc gnupg libgcc linux-headers make python2 \u0026\u0026 for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 74F12602B6F1C4E913FAA37AD3A89613643B6201 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C DD8F2338BAE7501E3DD5AC78C273792F7D83545D A48C2BEE680E841632CD4E44F07496B3EB3C1762 108F52B48DB57BB0CC439B2997B01419BD92F80A B9E2F5981AA6E0CD28160D9FF13993A75599653C ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys \"$key\" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \"$key\" ; done \u0026\u0026 curl -fsSLO --compressed \"https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz\" \u0026\u0026 curl -fsSLO --compressed \"https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc\" \u0026\u0026 gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \u0026\u0026 grep \" node-v$NODE_VERSION.tar.xz\\$\" SHASUMS256.txt | sha256sum -c - \u0026\u0026 tar -xf \"node-v$NODE_VERSION.tar.xz\" \u0026\u0026 cd \"node-v$NODE_VERSION\" \u0026\u0026 ./configure \u0026\u0026 make -j$(getconf _NPROCESSORS_ONLN) V= \u0026\u0026 make install \u0026\u0026 apk del .build-deps-full \u0026\u0026 cd .. \u0026\u0026 rm -Rf \"node-v$NODE_VERSION\" \u0026\u0026 rm \"node-v$NODE_VERSION.tar.xz\" SHASUMS256.txt.asc SHASUMS256.txt; fi \u0026\u0026 rm -f \"node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz\" \u0026\u0026 apk del .build-deps \u0026\u0026 node --version \u0026\u0026 npm --version" }, { - "created": "2021-08-31T23:43:29.259986126Z", - "created_by": "/bin/sh -c #(nop) ENV YARN_VERSION=1.22.5", - "empty_layer": true + "created": "2021-08-31T23:43:29.259986126Z", + "created_by": "/bin/sh -c #(nop) ENV YARN_VERSION=1.22.5", + "empty_layer": true }, { - "created": "2021-08-31T23:43:33.528239211Z", - "created_by": "/bin/sh -c apk add --no-cache --virtual .build-deps-yarn curl gnupg tar \u0026\u0026 for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys \"$key\" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \"$key\" ; done \u0026\u0026 curl -fsSLO --compressed \"https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz\" \u0026\u0026 curl -fsSLO --compressed \"https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc\" \u0026\u0026 gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \u0026\u0026 mkdir -p /opt \u0026\u0026 tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \u0026\u0026 ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \u0026\u0026 ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \u0026\u0026 rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \u0026\u0026 apk del .build-deps-yarn \u0026\u0026 yarn --version" + "created": "2021-08-31T23:43:33.528239211Z", + "created_by": "/bin/sh -c apk add --no-cache --virtual .build-deps-yarn curl gnupg tar \u0026\u0026 for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys \"$key\" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \"$key\" ; done \u0026\u0026 curl -fsSLO --compressed \"https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz\" \u0026\u0026 curl -fsSLO --compressed \"https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc\" \u0026\u0026 gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \u0026\u0026 mkdir -p /opt \u0026\u0026 tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \u0026\u0026 ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \u0026\u0026 ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \u0026\u0026 rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \u0026\u0026 apk del .build-deps-yarn \u0026\u0026 yarn --version" }, { - "created": "2021-08-31T23:43:33.764167946Z", - "created_by": "/bin/sh -c #(nop) COPY file:238737301d47304174e4d24f4def935b29b3069c03c72ae8de97d94624382fce in /usr/local/bin/ " + "created": "2021-08-31T23:43:33.764167946Z", + "created_by": "/bin/sh -c #(nop) COPY file:238737301d47304174e4d24f4def935b29b3069c03c72ae8de97d94624382fce in /usr/local/bin/ " }, { - "created": "2021-08-31T23:43:33.939059836Z", - "created_by": "/bin/sh -c #(nop) ENTRYPOINT [\"docker-entrypoint.sh\"]", - "empty_layer": true + "created": "2021-08-31T23:43:33.939059836Z", + "created_by": "/bin/sh -c #(nop) ENTRYPOINT [\"docker-entrypoint.sh\"]", + "empty_layer": true }, { - "created": "2021-08-31T23:43:34.123121758Z", - "created_by": "/bin/sh -c #(nop) CMD [\"node\"]", - "empty_layer": true + "created": "2021-08-31T23:43:34.123121758Z", + "created_by": "/bin/sh -c #(nop) CMD [\"node\"]", + "empty_layer": true }, { - "created": "2021-10-12T21:09:44.406187677Z", - "created_by": "ARG BUILD_DATE", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:09:44.406187677Z", + "created_by": "ARG BUILD_DATE", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true }, { - "created": "2021-10-12T21:09:44.406187677Z", - "created_by": "ARG VCS_REF", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:09:44.406187677Z", + "created_by": "ARG VCS_REF", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true }, { - "created": "2021-10-12T21:09:44.406187677Z", - "created_by": "LABEL maintainer=Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e org.opencontainers.image.title=OWASP Juice Shop org.opencontainers.image.description=Probably the most modern and sophisticated insecure web application org.opencontainers.image.authors=Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e org.opencontainers.image.vendor=Open Web Application Security Project org.opencontainers.image.documentation=https://help.owasp-juice.shop org.opencontainers.image.licenses=MIT org.opencontainers.image.version=12.10.2 org.opencontainers.image.url=https://owasp-juice.shop org.opencontainers.image.source=https://github.com/juice-shop/juice-shop org.opencontainers.image.revision=3d8a93e org.opencontainers.image.created=”2021-10-12T21:09:21Z”", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:09:44.406187677Z", + "created_by": "LABEL maintainer=Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e org.opencontainers.image.title=OWASP Juice Shop org.opencontainers.image.description=Probably the most modern and sophisticated insecure web application org.opencontainers.image.authors=Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e org.opencontainers.image.vendor=Open Web Application Security Project org.opencontainers.image.documentation=https://help.owasp-juice.shop org.opencontainers.image.licenses=MIT org.opencontainers.image.version=12.10.2 org.opencontainers.image.url=https://owasp-juice.shop org.opencontainers.image.source=https://github.com/juice-shop/juice-shop org.opencontainers.image.revision=3d8a93e org.opencontainers.image.created=”2021-10-12T21:09:21Z”", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true }, { - "created": "2021-10-12T21:09:44.406187677Z", - "created_by": "WORKDIR /juice-shop", - "comment": "buildkit.dockerfile.v0" + "created": "2021-10-12T21:09:44.406187677Z", + "created_by": "WORKDIR /juice-shop", + "comment": "buildkit.dockerfile.v0" }, { - "created": "2021-10-12T21:09:45.159386817Z", - "created_by": "RUN |2 BUILD_DATE=”2021-10-12T21:09:21Z” VCS_REF=3d8a93e /bin/sh -c addgroup --system --gid 1001 juicer \u0026\u0026 adduser juicer --system --uid 1001 --ingroup juicer # buildkit", - "comment": "buildkit.dockerfile.v0" + "created": "2021-10-12T21:09:45.159386817Z", + "created_by": "RUN |2 BUILD_DATE=”2021-10-12T21:09:21Z” VCS_REF=3d8a93e /bin/sh -c addgroup --system --gid 1001 juicer \u0026\u0026 adduser juicer --system --uid 1001 --ingroup juicer # buildkit", + "comment": "buildkit.dockerfile.v0" }, { - "created": "2021-10-12T21:23:20.754238724Z", - "created_by": "COPY /juice-shop . # buildkit", - "comment": "buildkit.dockerfile.v0" + "created": "2021-10-12T21:23:20.754238724Z", + "created_by": "COPY /juice-shop . # buildkit", + "comment": "buildkit.dockerfile.v0" }, { - "created": "2021-10-12T21:23:22.113753293Z", - "created_by": "RUN |2 BUILD_DATE=”2021-10-12T21:09:21Z” VCS_REF=3d8a93e /bin/sh -c mkdir logs \u0026\u0026 chown -R juicer logs \u0026\u0026 chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/ \u0026\u0026 chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/ # buildkit", - "comment": "buildkit.dockerfile.v0" + "created": "2021-10-12T21:23:22.113753293Z", + "created_by": "RUN |2 BUILD_DATE=”2021-10-12T21:09:21Z” VCS_REF=3d8a93e /bin/sh -c mkdir logs \u0026\u0026 chown -R juicer logs \u0026\u0026 chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/ \u0026\u0026 chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/ # buildkit", + "comment": "buildkit.dockerfile.v0" }, { - "created": "2021-10-12T21:23:22.113753293Z", - "created_by": "USER 1001", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:23:22.113753293Z", + "created_by": "USER 1001", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true }, { - "created": "2021-10-12T21:23:22.113753293Z", - "created_by": "EXPOSE map[3000/tcp:{}]", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:23:22.113753293Z", + "created_by": "EXPOSE map[3000/tcp:{}]", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true }, { - "created": "2021-10-12T21:23:22.113753293Z", - "created_by": "CMD [\"npm\" \"start\"]", - "comment": "buildkit.dockerfile.v0", - "empty_layer": true + "created": "2021-10-12T21:23:22.113753293Z", + "created_by": "CMD [\"npm\" \"start\"]", + "comment": "buildkit.dockerfile.v0", + "empty_layer": true } - ], - "os": "linux", - "rootfs": { + ], + "os": "linux", + "rootfs": { "type": "layers", "diff_ids": [ - "sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7", - "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210", - "sha256:b8f0e895f5208b04d533d013ddec6f12642fdd679ef70bc1497ffe733c97428b", - "sha256:446ec7c50f08cfba388bcebe29f54b2a46a5ddccdabd6b4caac21cbdb7c60b4b", - "sha256:14bfcbbb53f34ede6cd7b031e162c5943a738eb21543ca1fdfdc0cc1ab578c07", - "sha256:96fd22f85d18e17255224d3bf9a75ea7da9985ecad19780e762815410c64a780", - "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1", - "sha256:873323b172036f6876ecc04895b0f8832ccecef9601ae723633fe08b9886ea83" + "sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7", + "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210", + "sha256:b8f0e895f5208b04d533d013ddec6f12642fdd679ef70bc1497ffe733c97428b", + "sha256:446ec7c50f08cfba388bcebe29f54b2a46a5ddccdabd6b4caac21cbdb7c60b4b", + "sha256:14bfcbbb53f34ede6cd7b031e162c5943a738eb21543ca1fdfdc0cc1ab578c07", + "sha256:96fd22f85d18e17255224d3bf9a75ea7da9985ecad19780e762815410c64a780", + "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1", + "sha256:873323b172036f6876ecc04895b0f8832ccecef9601ae723633fe08b9886ea83" ] - }, - "config": { - "Cmd": [ - "npm", - "start" - ], - "Entrypoint": [ - "docker-entrypoint.sh" - ], + }, + "config": { + "Cmd": ["npm", "start"], + "Entrypoint": ["docker-entrypoint.sh"], "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "NODE_VERSION=12.22.6", - "YARN_VERSION=1.22.5" + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "NODE_VERSION=12.22.6", + "YARN_VERSION=1.22.5" ], "Labels": { - "maintainer": "Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e", - "org.opencontainers.image.authors": "Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e", - "org.opencontainers.image.created": "”2021-10-12T21:09:21Z”", - "org.opencontainers.image.description": "Probably the most modern and sophisticated insecure web application", - "org.opencontainers.image.documentation": "https://help.owasp-juice.shop", - "org.opencontainers.image.licenses": "MIT", - "org.opencontainers.image.revision": "3d8a93e", - "org.opencontainers.image.source": "https://github.com/juice-shop/juice-shop", - "org.opencontainers.image.title": "OWASP Juice Shop", - "org.opencontainers.image.url": "https://owasp-juice.shop", - "org.opencontainers.image.vendor": "Open Web Application Security Project", - "org.opencontainers.image.version": "12.10.2" + "maintainer": "Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e", + "org.opencontainers.image.authors": "Bjoern Kimminich \u003cbjoern.kimminich@owasp.org\u003e", + "org.opencontainers.image.created": "”2021-10-12T21:09:21Z”", + "org.opencontainers.image.description": "Probably the most modern and sophisticated insecure web application", + "org.opencontainers.image.documentation": "https://help.owasp-juice.shop", + "org.opencontainers.image.licenses": "MIT", + "org.opencontainers.image.revision": "3d8a93e", + "org.opencontainers.image.source": "https://github.com/juice-shop/juice-shop", + "org.opencontainers.image.title": "OWASP Juice Shop", + "org.opencontainers.image.url": "https://owasp-juice.shop", + "org.opencontainers.image.vendor": "Open Web Application Security Project", + "org.opencontainers.image.version": "12.10.2" }, "User": "1001", "WorkingDir": "/juice-shop", "ExposedPorts": { - "3000/tcp": {} + "3000/tcp": {} }, "ArgsEscaped": true - } + } } - }, - "Results": [ + }, + "Results": [ { - "Target": "bkimminich/juice-shop:v12.10.2 (alpine 3.11.12)", - "Class": "os-pkgs", - "Type": "alpine" + "Target": "bkimminich/juice-shop:v12.10.2 (alpine 3.11.12)", + "Class": "os-pkgs", + "Type": "alpine" }, { - "Target": "Node.js", - "Class": "lang-pkgs", - "Type": "node-pkg", - "Vulnerabilities": [ + "Target": "Node.js", + "Class": "lang-pkgs", + "Type": "node-pkg", + "Vulnerabilities": [ { - "VulnerabilityID": "CVE-2021-3807", - "PkgName": "ansi-regex", - "PkgPath": "usr/local/lib/node_modules/npm/node_modules/string-width/node_modules/ansi-regex/package.json", - "InstalledVersion": "3.0.0", - "FixedVersion": "5.0.1, 6.0.1", - "Layer": { + "VulnerabilityID": "CVE-2021-3807", + "PkgName": "ansi-regex", + "PkgPath": "usr/local/lib/node_modules/npm/node_modules/string-width/node_modules/ansi-regex/package.json", + "InstalledVersion": "3.0.0", + "FixedVersion": "5.0.1, 6.0.1", + "Layer": { "Digest": "sha256:d0fe2b74aff960282c3c01d80bbbb5b45a12e84f7e2ad3b65daac8f42351d5a6", "DiffID": "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3807", - "Title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", - "Description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", - "Severity": "HIGH", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3807", + "Title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", + "Description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", + "Severity": "HIGH", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "V2Score": 7.8, - "V3Score": 7.5 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "V2Score": 7.8, + "V3Score": 7.5 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "V3Score": 7.5 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "V3Score": 7.5 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-93q8-gq69-wqmw", "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9", "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" - ], - "PublishedDate": "2021-09-17T07:15:00Z", - "LastModifiedDate": "2021-10-19T13:11:00Z" + ], + "PublishedDate": "2021-09-17T07:15:00Z", + "LastModifiedDate": "2021-10-19T13:11:00Z" }, { - "VulnerabilityID": "CVE-2021-3807", - "PkgName": "ansi-regex", - "PkgPath": "usr/local/lib/node_modules/npm/node_modules/yargs/node_modules/ansi-regex/package.json", - "InstalledVersion": "4.1.0", - "FixedVersion": "5.0.1, 6.0.1", - "Layer": { + "VulnerabilityID": "CVE-2021-3807", + "PkgName": "ansi-regex", + "PkgPath": "usr/local/lib/node_modules/npm/node_modules/yargs/node_modules/ansi-regex/package.json", + "InstalledVersion": "4.1.0", + "FixedVersion": "5.0.1, 6.0.1", + "Layer": { "Digest": "sha256:d0fe2b74aff960282c3c01d80bbbb5b45a12e84f7e2ad3b65daac8f42351d5a6", "DiffID": "sha256:f8700d3a252fffe60e30bc672e8a6560f30a3ce8816f2ad396020553fe4d9210" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3807", - "Title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", - "Description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", - "Severity": "HIGH", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3807", + "Title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", + "Description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", + "Severity": "HIGH", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "V2Score": 7.8, - "V3Score": 7.5 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "V2Score": 7.8, + "V3Score": 7.5 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "V3Score": 7.5 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "V3Score": 7.5 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-93q8-gq69-wqmw", "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9", "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" - ], - "PublishedDate": "2021-09-17T07:15:00Z", - "LastModifiedDate": "2021-10-19T13:11:00Z" + ], + "PublishedDate": "2021-09-17T07:15:00Z", + "LastModifiedDate": "2021-10-19T13:11:00Z" }, { - "VulnerabilityID": "NSWG-ECO-428", - "PkgName": "base64url", - "PkgPath": "juice-shop/node_modules/base64url/package.json", - "InstalledVersion": "0.0.6", - "FixedVersion": "\u003e=3.0.0", - "Layer": { + "VulnerabilityID": "NSWG-ECO-428", + "PkgName": "base64url", + "PkgPath": "juice-shop/node_modules/base64url/package.json", + "InstalledVersion": "0.0.6", + "FixedVersion": "\u003e=3.0.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "Title": "Out-of-bounds Read", - "Description": "`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below", - "Severity": "HIGH", - "References": [ + }, + "Title": "Out-of-bounds Read", + "Description": "`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below", + "Severity": "HIGH", + "References": [ "https://github.com/brianloveswords/base64url/pull/25", "https://hackerone.com/reports/321687" - ] + ] }, { - "VulnerabilityID": "GHSA-rvg8-pwq2-xj7q", - "PkgName": "base64url", - "PkgPath": "juice-shop/node_modules/base64url/package.json", - "InstalledVersion": "0.0.6", - "FixedVersion": "3.0.0", - "Layer": { + "VulnerabilityID": "GHSA-rvg8-pwq2-xj7q", + "PkgName": "base64url", + "PkgPath": "juice-shop/node_modules/base64url/package.json", + "InstalledVersion": "0.0.6", + "FixedVersion": "3.0.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "PrimaryURL": "https://github.com/advisories/GHSA-rvg8-pwq2-xj7q", - "Title": "Out-of-bounds Read in base64url", - "Description": "Versions of `base64url` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.\n\n\n## Recommendation\n\nUpdate to version 3.0.0 or later.", - "Severity": "MEDIUM", - "References": [ + }, + "PrimaryURL": "https://github.com/advisories/GHSA-rvg8-pwq2-xj7q", + "Title": "Out-of-bounds Read in base64url", + "Description": "Versions of `base64url` before 3.0.0 are vulnerable to to out-of-bounds reads as it allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.\n\n\n## Recommendation\n\nUpdate to version 3.0.0 or later.", + "Severity": "MEDIUM", + "References": [ "https://github.com/advisories/GHSA-rvg8-pwq2-xj7q", "https://github.com/brianloveswords/base64url/pull/25" - ] + ] }, { - "VulnerabilityID": "GHSA-h6ch-v84p-w6p9", - "PkgName": "diff", - "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/diff/package.json", - "InstalledVersion": "1.0.2", - "FixedVersion": "3.5.0", - "Layer": { + "VulnerabilityID": "GHSA-h6ch-v84p-w6p9", + "PkgName": "diff", + "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/diff/package.json", + "InstalledVersion": "1.0.2", + "FixedVersion": "3.5.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "PrimaryURL": "https://github.com/advisories/GHSA-h6ch-v84p-w6p9", - "Title": "Regular Expression Denial of Service (ReDoS)", - "Description": "A vulnerability was found in diff before v3.5.0, the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.", - "Severity": "HIGH", - "References": [ + }, + "PrimaryURL": "https://github.com/advisories/GHSA-h6ch-v84p-w6p9", + "Title": "Regular Expression Denial of Service (ReDoS)", + "Description": "A vulnerability was found in diff before v3.5.0, the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.", + "Severity": "HIGH", + "References": [ "https://github.com/advisories/GHSA-h6ch-v84p-w6p9", "https://github.com/kpdecker/jsdiff/commit/2aec4298639bf30fb88a00b356bf404d3551b8c0" - ] + ] }, { - "VulnerabilityID": "CVE-2020-15084", - "PkgName": "express-jwt", - "PkgPath": "juice-shop/node_modules/express-jwt/package.json", - "InstalledVersion": "0.1.3", - "FixedVersion": "6.0.0", - "Layer": { + "VulnerabilityID": "CVE-2020-15084", + "PkgName": "express-jwt", + "PkgPath": "juice-shop/node_modules/express-jwt/package.json", + "InstalledVersion": "0.1.3", + "FixedVersion": "6.0.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-15084", - "Title": "Authorization bypass in express-jwt", - "Description": "In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-285" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-15084", + "Title": "Authorization bypass in express-jwt", + "Description": "In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.", + "Severity": "CRITICAL", + "CweIDs": ["CWE-285"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", - "V2Score": 4.3, - "V3Score": 9.1 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "V2Score": 4.3, + "V3Score": 9.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-6g6m-m6h5-w9gf", "https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef", "https://github.com/auth0/express-jwt/security/advisories/GHSA-6g6m-m6h5-w9gf", "https://nvd.nist.gov/vuln/detail/CVE-2020-15084" - ], - "PublishedDate": "2020-06-30T16:15:00Z", - "LastModifiedDate": "2020-07-08T16:29:00Z" + ], + "PublishedDate": "2020-06-30T16:15:00Z", + "LastModifiedDate": "2020-07-08T16:29:00Z" }, { - "VulnerabilityID": "CVE-2017-16042", - "PkgName": "growl", - "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/growl/package.json", - "InstalledVersion": "1.5.1", - "FixedVersion": "1.10.0", - "Layer": { + "VulnerabilityID": "CVE-2017-16042", + "PkgName": "growl", + "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/growl/package.json", + "InstalledVersion": "1.5.1", + "FixedVersion": "1.10.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-16042", - "Title": "nodejs-growl: Does not properly sanitize input before passing it to exec", - "Description": "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-78" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-16042", + "Title": "nodejs-growl: Does not properly sanitize input before passing it to exec", + "Description": "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.", + "Severity": "CRITICAL", + "CweIDs": ["CWE-78"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 7.5, - "V3Score": 9.8 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 7.5, + "V3Score": 9.8 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", - "V3Score": 8.1 + "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "V3Score": 8.1 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16042", "https://github.com/advisories/GHSA-qh2h-chj9-jffq", "https://github.com/tj/node-growl/issues/60", "https://github.com/tj/node-growl/pull/61", "https://nodesecurity.io/advisories/146", "https://nvd.nist.gov/vuln/detail/CVE-2017-16042" - ], - "PublishedDate": "2018-06-04T19:29:00Z", - "LastModifiedDate": "2019-10-09T23:24:00Z" + ], + "PublishedDate": "2018-06-04T19:29:00Z", + "LastModifiedDate": "2019-10-09T23:24:00Z" }, { - "VulnerabilityID": "CVE-2021-32822", - "PkgName": "hbs", - "PkgPath": "juice-shop/node_modules/hbs/package.json", - "InstalledVersion": "4.1.2", - "Layer": { + "VulnerabilityID": "CVE-2021-32822", + "PkgName": "hbs", + "PkgPath": "juice-shop/node_modules/hbs/package.json", + "InstalledVersion": "4.1.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32822", - "Title": "Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs", - "Description": "The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020.", - "Severity": "MEDIUM", - "CweIDs": [ - "CWE-200" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32822", + "Title": "Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs", + "Description": "The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020.", + "Severity": "MEDIUM", + "CweIDs": ["CWE-200"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "V2Score": 5, - "V3Score": 5.3 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "V2Score": 5, + "V3Score": 5.3 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-7f5c-rpf4-86p8", "https://nvd.nist.gov/vuln/detail/CVE-2021-32822", "https://securitylab.github.com/advisories/GHSL-2021-020-pillarjs-hbs/" - ], - "PublishedDate": "2021-08-16T19:15:00Z", - "LastModifiedDate": "2021-08-24T15:55:00Z" + ], + "PublishedDate": "2021-08-16T19:15:00Z", + "LastModifiedDate": "2021-08-24T15:55:00Z" }, { - "VulnerabilityID": "CVE-2015-9235", - "PkgName": "jsonwebtoken", - "PkgPath": "juice-shop/node_modules/express-jwt/node_modules/jsonwebtoken/package.json", - "InstalledVersion": "0.1.0", - "FixedVersion": "4.2.2", - "Layer": { + "VulnerabilityID": "CVE-2015-9235", + "PkgName": "jsonwebtoken", + "PkgPath": "juice-shop/node_modules/express-jwt/node_modules/jsonwebtoken/package.json", + "InstalledVersion": "0.1.0", + "FixedVersion": "4.2.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2015-9235", - "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", - "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-327" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2015-9235", + "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", + "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", + "Severity": "CRITICAL", + "CweIDs": ["CWE-327"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 7.5, - "V3Score": 9.8 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 7.5, + "V3Score": 9.8 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", - "V3Score": 7.3 + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "V3Score": 7.3 } - }, - "References": [ + }, + "References": [ "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", "https://github.com/advisories/GHSA-c7hr-j4mj-j2w6", "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", "https://nodesecurity.io/advisories/17", "https://nvd.nist.gov/vuln/detail/CVE-2015-9235", "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ], - "PublishedDate": "2018-05-29T20:29:00Z", - "LastModifiedDate": "2019-10-09T23:15:00Z" + ], + "PublishedDate": "2018-05-29T20:29:00Z", + "LastModifiedDate": "2019-10-09T23:15:00Z" }, { - "VulnerabilityID": "NSWG-ECO-17", - "PkgName": "jsonwebtoken", - "PkgPath": "juice-shop/node_modules/express-jwt/node_modules/jsonwebtoken/package.json", - "InstalledVersion": "0.1.0", - "FixedVersion": "\u003e=4.2.2", - "Layer": { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "PkgPath": "juice-shop/node_modules/express-jwt/node_modules/jsonwebtoken/package.json", + "InstalledVersion": "0.1.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "Title": "Verification Bypass", - "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", - "Severity": "HIGH", - "References": [ + }, + "Title": "Verification Bypass", + "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", + "Severity": "HIGH", + "References": [ "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ] + ] }, { - "VulnerabilityID": "CVE-2015-9235", - "PkgName": "jsonwebtoken", - "PkgPath": "juice-shop/node_modules/jsonwebtoken/package.json", - "InstalledVersion": "0.4.0", - "FixedVersion": "4.2.2", - "Layer": { + "VulnerabilityID": "CVE-2015-9235", + "PkgName": "jsonwebtoken", + "PkgPath": "juice-shop/node_modules/jsonwebtoken/package.json", + "InstalledVersion": "0.4.0", + "FixedVersion": "4.2.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2015-9235", - "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", - "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-327" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2015-9235", + "Title": "nodejs-jsonwebtoken: verification step bypass with an altered token", + "Description": "In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).", + "Severity": "CRITICAL", + "CweIDs": ["CWE-327"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 7.5, - "V3Score": 9.8 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 7.5, + "V3Score": 9.8 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", - "V3Score": 7.3 + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "V3Score": 7.3 } - }, - "References": [ + }, + "References": [ "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", "https://github.com/advisories/GHSA-c7hr-j4mj-j2w6", "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", "https://nodesecurity.io/advisories/17", "https://nvd.nist.gov/vuln/detail/CVE-2015-9235", "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ], - "PublishedDate": "2018-05-29T20:29:00Z", - "LastModifiedDate": "2019-10-09T23:15:00Z" + ], + "PublishedDate": "2018-05-29T20:29:00Z", + "LastModifiedDate": "2019-10-09T23:15:00Z" }, { - "VulnerabilityID": "NSWG-ECO-17", - "PkgName": "jsonwebtoken", - "PkgPath": "juice-shop/node_modules/jsonwebtoken/package.json", - "InstalledVersion": "0.4.0", - "FixedVersion": "\u003e=4.2.2", - "Layer": { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "PkgPath": "juice-shop/node_modules/jsonwebtoken/package.json", + "InstalledVersion": "0.4.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "Title": "Verification Bypass", - "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", - "Severity": "HIGH", - "References": [ + }, + "Title": "Verification Bypass", + "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", + "Severity": "HIGH", + "References": [ "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" - ] + ] }, { - "VulnerabilityID": "CVE-2016-1000223", - "PkgName": "jws", - "PkgPath": "juice-shop/node_modules/jws/package.json", - "InstalledVersion": "0.2.6", - "FixedVersion": "3.0.0", - "Layer": { + "VulnerabilityID": "CVE-2016-1000223", + "PkgName": "jws", + "PkgPath": "juice-shop/node_modules/jws/package.json", + "InstalledVersion": "0.2.6", + "FixedVersion": "3.0.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-1000223", - "Title": "Forgeable Public/Private Tokens", - "Description": "Since \"algorithm\" isn't enforced in `jws.verify()`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.\n\nIn addition, there is the `none` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the `alg` field is set to `none`.\n\n*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", - "Severity": "HIGH", - "References": [ + }, + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-1000223", + "Title": "Forgeable Public/Private Tokens", + "Description": "Since \"algorithm\" isn't enforced in `jws.verify()`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.\n\nIn addition, there is the `none` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the `alg` field is set to `none`.\n\n*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", + "Severity": "HIGH", + "References": [ "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", "https://github.com/advisories/GHSA-gjcw-v447-2w7q", "https://github.com/brianloveswords/node-jws/commit/585d0e1e97b6747c10cf5b7689ccc5618a89b299#diff-4ac32a78649ca5bdd8e0ba38b7006a1e", "https://nvd.nist.gov/vuln/detail/CVE-2016-1000223" - ] + ] }, { - "VulnerabilityID": "CVE-2019-10744", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.12", - "Layer": { + "VulnerabilityID": "CVE-2019-10744", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.12", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-10744", - "Title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", - "Description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", - "Severity": "CRITICAL", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-10744", + "Title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", + "Description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", + "Severity": "CRITICAL", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V2Score": 6.4, - "V3Score": 9.1 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V2Score": 6.4, + "V3Score": 9.1 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V3Score": 9.1 + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V3Score": 9.1 } - }, - "References": [ + }, + "References": [ "https://access.redhat.com/errata/RHSA-2019:3024", "https://github.com/advisories/GHSA-jf85-cpcp-j695", "https://nvd.nist.gov/vuln/detail/CVE-2019-10744", @@ -603,41 +585,39 @@ "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp;utm_medium=RSS", "https://www.oracle.com/security-alerts/cpujan2021.html", "https://www.oracle.com/security-alerts/cpuoct2020.html" - ], - "PublishedDate": "2019-07-26T00:15:00Z", - "LastModifiedDate": "2021-03-16T13:57:00Z" + ], + "PublishedDate": "2019-07-26T00:15:00Z", + "LastModifiedDate": "2021-03-16T13:57:00Z" }, { - "VulnerabilityID": "CVE-2020-8203", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.19", - "Layer": { + "VulnerabilityID": "CVE-2020-8203", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.19", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-8203", - "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", - "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-770" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-8203", + "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", + "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", + "Severity": "HIGH", + "CweIDs": ["CWE-770"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V2Score": 5.8, - "V3Score": 7.4 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V2Score": 5.8, + "V3Score": 7.4 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V3Score": 7.4 + "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V3Score": 7.4 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-p6mc-m468-83gw", "https://github.com/lodash/lodash/issues/4874", "https://hackerone.com/reports/712065", @@ -647,41 +627,39 @@ "https://www.oracle.com//security-alerts/cpujul2021.html", "https://www.oracle.com/security-alerts/cpuApr2021.html", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2020-07-15T17:15:00Z", - "LastModifiedDate": "2021-10-20T11:15:00Z" + ], + "PublishedDate": "2020-07-15T17:15:00Z", + "LastModifiedDate": "2021-10-20T11:15:00Z" }, { - "VulnerabilityID": "CVE-2021-23337", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.21", - "Layer": { + "VulnerabilityID": "CVE-2021-23337", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.21", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23337", - "Title": "nodejs-lodash: command injection via template", - "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-77" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23337", + "Title": "nodejs-lodash: command injection via template", + "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", + "Severity": "HIGH", + "CweIDs": ["CWE-77"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 6.5, - "V3Score": 7.2 + "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 6.5, + "V3Score": 7.2 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "V3Score": 7.2 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "V3Score": 7.2 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", @@ -695,75 +673,75 @@ "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", "https://www.oracle.com//security-alerts/cpujul2021.html", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-02-15T13:15:00Z", - "LastModifiedDate": "2021-10-20T11:16:00Z" + ], + "PublishedDate": "2021-02-15T13:15:00Z", + "LastModifiedDate": "2021-10-20T11:16:00Z" }, { - "VulnerabilityID": "CVE-2018-16487", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.11", - "Layer": { + "VulnerabilityID": "CVE-2018-16487", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.11", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2018-16487", - "Title": "lodash: Prototype pollution in utilities function", - "Description": "A prototype pollution vulnerability was found in lodash \u003c4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.", - "Severity": "MEDIUM", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2018-16487", + "Title": "lodash: Prototype pollution in utilities function", + "Description": "A prototype pollution vulnerability was found in lodash \u003c4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.", + "Severity": "MEDIUM", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", - "V2Score": 6.8, - "V3Score": 5.6 + "V2Vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "V2Score": 6.8, + "V3Score": 5.6 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", - "V3Score": 5.6 + "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "V3Score": 5.6 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487", "https://github.com/advisories/GHSA-4xc9-xhrj-v574", "https://hackerone.com/reports/380873", "https://nvd.nist.gov/vuln/detail/CVE-2018-16487", "https://security.netapp.com/advisory/ntap-20190919-0004/" - ], - "PublishedDate": "2019-02-01T18:29:00Z", - "LastModifiedDate": "2020-09-18T16:38:00Z" + ], + "PublishedDate": "2019-02-01T18:29:00Z", + "LastModifiedDate": "2020-09-18T16:38:00Z" }, { - "VulnerabilityID": "CVE-2018-3721", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.5", - "Layer": { + "VulnerabilityID": "CVE-2018-3721", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.5", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2018-3721", - "Title": "lodash: Prototype pollution in utilities function", - "Description": "lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.", - "Severity": "MEDIUM", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2018-3721", + "Title": "lodash: Prototype pollution in utilities function", + "Description": "lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.", + "Severity": "MEDIUM", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", - "V2Score": 4, - "V3Score": 6.5 + "V2Vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "V2Score": 4, + "V3Score": 6.5 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", - "V3Score": 2.9 + "V3Vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "V3Score": 2.9 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721", "https://github.com/advisories/GHSA-fvqr-27wr-82fm", "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a", @@ -772,41 +750,39 @@ "https://security.netapp.com/advisory/ntap-20190919-0004/", "https://snyk.io/vuln/npm:lodash:20180130", "https://www.npmjs.com/advisories/577" - ], - "PublishedDate": "2018-06-07T02:29:00Z", - "LastModifiedDate": "2019-10-03T00:03:00Z" + ], + "PublishedDate": "2018-06-07T02:29:00Z", + "LastModifiedDate": "2019-10-03T00:03:00Z" }, { - "VulnerabilityID": "CVE-2019-1010266", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", - "InstalledVersion": "2.4.2", - "FixedVersion": "4.17.11", - "Layer": { + "VulnerabilityID": "CVE-2019-1010266", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/sanitize-html/node_modules/lodash/package.json", + "InstalledVersion": "2.4.2", + "FixedVersion": "4.17.11", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1010266", - "Title": "lodash: uncontrolled resource consumption in Data handler causing denial of service", - "Description": "lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.", - "Severity": "MEDIUM", - "CweIDs": [ - "CWE-770" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1010266", + "Title": "lodash: uncontrolled resource consumption in Data handler causing denial of service", + "Description": "lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.", + "Severity": "MEDIUM", + "CweIDs": ["CWE-770"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "V2Score": 4, - "V3Score": 6.5 + "V2Vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "V2Score": 4, + "V3Score": 6.5 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", - "V3Score": 4.4 + "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", + "V3Score": 4.4 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266", "https://github.com/advisories/GHSA-x5rq-j2xg-h7qm", "https://github.com/lodash/lodash/issues/3359", @@ -814,38 +790,38 @@ "https://nvd.nist.gov/vuln/detail/CVE-2019-1010266", "https://security.netapp.com/advisory/ntap-20190919-0004/", "https://snyk.io/vuln/SNYK-JS-LODASH-73639" - ], - "PublishedDate": "2019-07-17T21:15:00Z", - "LastModifiedDate": "2020-09-30T13:40:00Z" + ], + "PublishedDate": "2019-07-17T21:15:00Z", + "LastModifiedDate": "2020-09-30T13:40:00Z" }, { - "VulnerabilityID": "CVE-2019-10744", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", - "InstalledVersion": "4.17.11", - "FixedVersion": "4.17.12", - "Layer": { + "VulnerabilityID": "CVE-2019-10744", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", + "InstalledVersion": "4.17.11", + "FixedVersion": "4.17.12", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-10744", - "Title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", - "Description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", - "Severity": "CRITICAL", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-10744", + "Title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", + "Description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", + "Severity": "CRITICAL", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V2Score": 6.4, - "V3Score": 9.1 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V2Score": 6.4, + "V3Score": 9.1 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V3Score": 9.1 + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V3Score": 9.1 } - }, - "References": [ + }, + "References": [ "https://access.redhat.com/errata/RHSA-2019:3024", "https://github.com/advisories/GHSA-jf85-cpcp-j695", "https://nvd.nist.gov/vuln/detail/CVE-2019-10744", @@ -854,41 +830,39 @@ "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp;utm_medium=RSS", "https://www.oracle.com/security-alerts/cpujan2021.html", "https://www.oracle.com/security-alerts/cpuoct2020.html" - ], - "PublishedDate": "2019-07-26T00:15:00Z", - "LastModifiedDate": "2021-03-16T13:57:00Z" + ], + "PublishedDate": "2019-07-26T00:15:00Z", + "LastModifiedDate": "2021-03-16T13:57:00Z" }, { - "VulnerabilityID": "CVE-2020-8203", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", - "InstalledVersion": "4.17.11", - "FixedVersion": "4.17.19", - "Layer": { + "VulnerabilityID": "CVE-2020-8203", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", + "InstalledVersion": "4.17.11", + "FixedVersion": "4.17.19", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-8203", - "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", - "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-770" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-8203", + "Title": "nodejs-lodash: prototype pollution in zipObjectDeep function", + "Description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", + "Severity": "HIGH", + "CweIDs": ["CWE-770"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V2Score": 5.8, - "V3Score": 7.4 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V2Score": 5.8, + "V3Score": 7.4 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", - "V3Score": 7.4 + "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", + "V3Score": 7.4 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-p6mc-m468-83gw", "https://github.com/lodash/lodash/issues/4874", "https://hackerone.com/reports/712065", @@ -898,41 +872,39 @@ "https://www.oracle.com//security-alerts/cpujul2021.html", "https://www.oracle.com/security-alerts/cpuApr2021.html", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2020-07-15T17:15:00Z", - "LastModifiedDate": "2021-10-20T11:15:00Z" + ], + "PublishedDate": "2020-07-15T17:15:00Z", + "LastModifiedDate": "2021-10-20T11:15:00Z" }, { - "VulnerabilityID": "CVE-2021-23337", - "PkgName": "lodash", - "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", - "InstalledVersion": "4.17.11", - "FixedVersion": "4.17.21", - "Layer": { + "VulnerabilityID": "CVE-2021-23337", + "PkgName": "lodash", + "PkgPath": "juice-shop/node_modules/clarinet/benchmark/node_modules/lodash/package.json", + "InstalledVersion": "4.17.11", + "FixedVersion": "4.17.21", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23337", - "Title": "nodejs-lodash: command injection via template", - "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-77" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23337", + "Title": "nodejs-lodash: command injection via template", + "Description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", + "Severity": "HIGH", + "CweIDs": ["CWE-77"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 6.5, - "V3Score": 7.2 + "V2Vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 6.5, + "V3Score": 7.2 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "V3Score": 7.2 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "V3Score": 7.2 } - }, - "References": [ + }, + "References": [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851", @@ -946,99 +918,95 @@ "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", "https://www.oracle.com//security-alerts/cpujul2021.html", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-02-15T13:15:00Z", - "LastModifiedDate": "2021-10-20T11:16:00Z" + ], + "PublishedDate": "2021-02-15T13:15:00Z", + "LastModifiedDate": "2021-10-20T11:16:00Z" }, { - "VulnerabilityID": "GHSA-5mrr-rgp6-x4gr", - "PkgName": "marsdb", - "PkgPath": "juice-shop/node_modules/marsdb/package.json", - "InstalledVersion": "0.6.11", - "Layer": { + "VulnerabilityID": "GHSA-5mrr-rgp6-x4gr", + "PkgName": "marsdb", + "PkgPath": "juice-shop/node_modules/marsdb/package.json", + "InstalledVersion": "0.6.11", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "PrimaryURL": "https://github.com/advisories/GHSA-5mrr-rgp6-x4gr", - "Title": "Command Injection in marsdb", - "Description": "All versions of `marsdb` are vulnerable to Command Injection. In the `DocumentMatcher` class, selectors on `$where` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed.\n\n\n## Recommendation\n\nNo fix is currently available. Consider using an alternative package until a fix is made available.", - "Severity": "CRITICAL", - "References": [ + }, + "PrimaryURL": "https://github.com/advisories/GHSA-5mrr-rgp6-x4gr", + "Title": "Command Injection in marsdb", + "Description": "All versions of `marsdb` are vulnerable to Command Injection. In the `DocumentMatcher` class, selectors on `$where` clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed.\n\n\n## Recommendation\n\nNo fix is currently available. Consider using an alternative package until a fix is made available.", + "Severity": "CRITICAL", + "References": [ "https://github.com/advisories/GHSA-5mrr-rgp6-x4gr", "https://github.com/bkimminich/juice-shop/issues/1173" - ] + ] }, { - "VulnerabilityID": "CVE-2017-18214", - "PkgName": "moment", - "PkgPath": "juice-shop/node_modules/moment/package.json", - "InstalledVersion": "2.0.0", - "FixedVersion": "2.19.3", - "Layer": { + "VulnerabilityID": "CVE-2017-18214", + "PkgName": "moment", + "PkgPath": "juice-shop/node_modules/moment/package.json", + "InstalledVersion": "2.0.0", + "FixedVersion": "2.19.3", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-18214", - "Title": "nodejs-moment: Regular expression denial of service", - "Description": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-400" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-18214", + "Title": "nodejs-moment: Regular expression denial of service", + "Description": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.", + "Severity": "HIGH", + "CweIDs": ["CWE-400"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "V2Score": 5, - "V3Score": 7.5 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "V2Score": 5, + "V3Score": 7.5 }, "redhat": { - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "V3Score": 5.3 + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "V3Score": 5.3 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-446m-mv8f-q348", "https://github.com/moment/moment/issues/4163", "https://nodesecurity.io/advisories/532", "https://nvd.nist.gov/vuln/detail/CVE-2017-18214", "https://www.tenable.com/security/tns-2019-02" - ], - "PublishedDate": "2018-03-04T21:29:00Z", - "LastModifiedDate": "2020-11-16T20:23:00Z" + ], + "PublishedDate": "2018-03-04T21:29:00Z", + "LastModifiedDate": "2020-11-16T20:23:00Z" }, { - "VulnerabilityID": "CVE-2016-4055", - "PkgName": "moment", - "PkgPath": "juice-shop/node_modules/moment/package.json", - "InstalledVersion": "2.0.0", - "FixedVersion": "2.11.2", - "Layer": { + "VulnerabilityID": "CVE-2016-4055", + "PkgName": "moment", + "PkgPath": "juice-shop/node_modules/moment/package.json", + "InstalledVersion": "2.0.0", + "FixedVersion": "2.11.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-4055", - "Title": "moment.js: regular expression denial of service", - "Description": "The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"", - "Severity": "MEDIUM", - "CweIDs": [ - "CWE-399" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-4055", + "Title": "moment.js: regular expression denial of service", + "Description": "The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"", + "Severity": "MEDIUM", + "CweIDs": ["CWE-399"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "V2Score": 7.8, - "V3Score": 6.5 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "V2Score": 7.8, + "V3Score": 6.5 }, "redhat": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", - "V2Score": 4.3 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", + "V2Score": 4.3 } - }, - "References": [ + }, + "References": [ "http://www.openwall.com/lists/oss-security/2016/04/20/11", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "http://www.securityfocus.com/bid/95849", @@ -1051,205 +1019,199 @@ "https://nvd.nist.gov/vuln/detail/CVE-2016-4055", "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS", "https://www.tenable.com/security/tns-2019-02" - ], - "PublishedDate": "2017-01-23T21:59:00Z", - "LastModifiedDate": "2019-08-11T18:15:00Z" + ], + "PublishedDate": "2017-01-23T21:59:00Z", + "LastModifiedDate": "2019-08-11T18:15:00Z" }, { - "VulnerabilityID": "CVE-2016-1000237", - "PkgName": "sanitize-html", - "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", - "InstalledVersion": "1.4.2", - "FixedVersion": "1.4.3", - "Layer": { + "VulnerabilityID": "CVE-2016-1000237", + "PkgName": "sanitize-html", + "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", + "InstalledVersion": "1.4.2", + "FixedVersion": "1.4.3", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-1000237", - "Title": "XSS - Sanitization not applied recursively", - "Description": "sanitize-html before 1.4.3 has XSS.", - "Severity": "MEDIUM", - "CweIDs": [ - "CWE-79" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2016-1000237", + "Title": "XSS - Sanitization not applied recursively", + "Description": "sanitize-html before 1.4.3 has XSS.", + "Severity": "MEDIUM", + "CweIDs": ["CWE-79"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", - "V2Score": 4.3, - "V3Score": 6.1 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "V2Score": 4.3, + "V3Score": 6.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-3j7m-hmh3-9jmp", "https://github.com/punkave/sanitize-html/issues/29", "https://nodesecurity.io/advisories/135", "https://nvd.nist.gov/vuln/detail/CVE-2016-1000237", "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json" - ], - "PublishedDate": "2020-01-23T15:15:00Z", - "LastModifiedDate": "2020-01-24T19:44:00Z" + ], + "PublishedDate": "2020-01-23T15:15:00Z", + "LastModifiedDate": "2020-01-24T19:44:00Z" }, { - "VulnerabilityID": "CVE-2017-16016", - "PkgName": "sanitize-html", - "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", - "InstalledVersion": "1.4.2", - "FixedVersion": "1.11.4", - "Layer": { + "VulnerabilityID": "CVE-2017-16016", + "PkgName": "sanitize-html", + "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", + "InstalledVersion": "1.4.2", + "FixedVersion": "1.11.4", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-16016", - "Title": "Cross-Site Scripting in sanitize-html", - "Description": "Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability.", - "Severity": "MEDIUM", - "CweIDs": [ - "CWE-79" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-16016", + "Title": "Cross-Site Scripting in sanitize-html", + "Description": "Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability.", + "Severity": "MEDIUM", + "CweIDs": ["CWE-79"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", - "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", - "V2Score": 4.3, - "V3Score": 6.1 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", + "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "V2Score": 4.3, + "V3Score": 6.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-xc6g-ggrc-qq4r", "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", "https://github.com/punkave/sanitize-html/issues/100", "https://nodesecurity.io/advisories/154", "https://nvd.nist.gov/vuln/detail/CVE-2017-16016" - ], - "PublishedDate": "2018-06-04T19:29:00Z", - "LastModifiedDate": "2019-10-09T23:24:00Z" + ], + "PublishedDate": "2018-06-04T19:29:00Z", + "LastModifiedDate": "2019-10-09T23:24:00Z" }, { - "VulnerabilityID": "CVE-2021-26539", - "PkgName": "sanitize-html", - "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", - "InstalledVersion": "1.4.2", - "FixedVersion": "2.3.1", - "Layer": { + "VulnerabilityID": "CVE-2021-26539", + "PkgName": "sanitize-html", + "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", + "InstalledVersion": "1.4.2", + "FixedVersion": "2.3.1", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-26539", - "Title": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", - "Description": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", - "Severity": "MEDIUM", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-26539", + "Title": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", + "Description": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", + "Severity": "MEDIUM", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "V2Score": 5, - "V3Score": 5.3 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "V2Score": 5, + "V3Score": 5.3 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "V3Score": 5.3 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "V3Score": 5.3 } - }, - "References": [ + }, + "References": [ "https://advisory.checkmarx.net/advisory/CX-2021-4308", "https://github.com/advisories/GHSA-rjqq-98f6-6j3r", "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", "https://github.com/apostrophecms/sanitize-html/pull/458", "https://nvd.nist.gov/vuln/detail/CVE-2021-26539" - ], - "PublishedDate": "2021-02-08T17:15:00Z", - "LastModifiedDate": "2021-03-25T23:15:00Z" + ], + "PublishedDate": "2021-02-08T17:15:00Z", + "LastModifiedDate": "2021-03-25T23:15:00Z" }, { - "VulnerabilityID": "CVE-2021-26540", - "PkgName": "sanitize-html", - "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", - "InstalledVersion": "1.4.2", - "FixedVersion": "2.3.2", - "Layer": { + "VulnerabilityID": "CVE-2021-26540", + "PkgName": "sanitize-html", + "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", + "InstalledVersion": "1.4.2", + "FixedVersion": "2.3.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-26540", - "Title": "sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", - "Description": "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", - "Severity": "MEDIUM", - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-26540", + "Title": "sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", + "Description": "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", + "Severity": "MEDIUM", + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "V2Score": 5, - "V3Score": 5.3 + "V2Vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "V2Score": 5, + "V3Score": 5.3 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "V3Score": 5.3 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "V3Score": 5.3 } - }, - "References": [ + }, + "References": [ "https://advisory.checkmarx.net/advisory/CX-2021-4309", "https://github.com/advisories/GHSA-mjxr-4v3x-q3m4", "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", "https://github.com/apostrophecms/sanitize-html/pull/460", "https://nvd.nist.gov/vuln/detail/CVE-2021-26540" - ], - "PublishedDate": "2021-02-08T17:15:00Z", - "LastModifiedDate": "2021-04-01T15:02:00Z" + ], + "PublishedDate": "2021-02-08T17:15:00Z", + "LastModifiedDate": "2021-04-01T15:02:00Z" }, { - "VulnerabilityID": "NSWG-ECO-154", - "PkgName": "sanitize-html", - "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", - "InstalledVersion": "1.4.2", - "FixedVersion": "\u003e=1.11.4", - "Layer": { + "VulnerabilityID": "NSWG-ECO-154", + "PkgName": "sanitize-html", + "PkgPath": "juice-shop/node_modules/sanitize-html/package.json", + "InstalledVersion": "1.4.2", + "FixedVersion": "\u003e=1.11.4", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "Title": "Cross Site Scripting", - "Description": "Sanitize-html is a library for scrubbing html input of malicious values.\n\nVersions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios:\n\nIf allowed at least one nonTextTags, the result is a potential XSS vulnerability.\nPoC:\n\n```\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!\u003ctextarea\u003e\u0026lt;/textarea\u0026gt;\u003csvg/onload=prompt`xs`\u0026gt;\u003c/textarea\u003e!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !\u003ctextarea\u003e\u003c/textarea\u003e\u003csvg/onload=prompt`xs`\u003e\u003c/textarea\u003e!\n```", - "Severity": "MEDIUM", - "References": [ + }, + "Title": "Cross Site Scripting", + "Description": "Sanitize-html is a library for scrubbing html input of malicious values.\n\nVersions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios:\n\nIf allowed at least one nonTextTags, the result is a potential XSS vulnerability.\nPoC:\n\n```\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!\u003ctextarea\u003e\u0026lt;/textarea\u0026gt;\u003csvg/onload=prompt`xs`\u0026gt;\u003c/textarea\u003e!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !\u003ctextarea\u003e\u003c/textarea\u003e\u003csvg/onload=prompt`xs`\u003e\u003c/textarea\u003e!\n```", + "Severity": "MEDIUM", + "References": [ "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", "https://github.com/punkave/sanitize-html/issues/100" - ] + ] }, { - "VulnerabilityID": "CVE-2021-23440", - "PkgName": "set-value", - "PkgPath": "juice-shop/node_modules/set-value/package.json", - "InstalledVersion": "2.0.1", - "FixedVersion": "4.0.1", - "Layer": { + "VulnerabilityID": "CVE-2021-23440", + "PkgName": "set-value", + "PkgPath": "juice-shop/node_modules/set-value/package.json", + "InstalledVersion": "2.0.1", + "FixedVersion": "4.0.1", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23440", - "Title": "nodejs-set-value: type confusion allows bypass of CVE-2019-10747", - "Description": "This affects the package set-value before \u003c2.0.1, \u003e=3.0.0 \u003c4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-843" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23440", + "Title": "nodejs-set-value: type confusion allows bypass of CVE-2019-10747", + "Description": "This affects the package set-value before \u003c2.0.1, \u003e=3.0.0 \u003c4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.", + "Severity": "CRITICAL", + "CweIDs": ["CWE-843"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "V2Score": 7.5, - "V3Score": 9.8 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "V2Score": 7.5, + "V3Score": 9.8 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", - "V3Score": 7.3 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "V3Score": 7.3 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-4jqc-8m5r-9rpr", "https://github.com/jonschlinkert/set-value/commit/7cf8073bb06bf0c15e08475f9f952823b4576452", "https://github.com/jonschlinkert/set-value/pull/33", @@ -1257,41 +1219,39 @@ "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1584212", "https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541", "https://www.huntr.dev/bounties/2eae1159-01de-4f82-a177-7478a408c4a2/" - ], - "PublishedDate": "2021-09-12T13:15:00Z", - "LastModifiedDate": "2021-11-03T20:29:00Z" + ], + "PublishedDate": "2021-09-12T13:15:00Z", + "LastModifiedDate": "2021-11-03T20:29:00Z" }, { - "VulnerabilityID": "CVE-2021-32803", - "PkgName": "tar", - "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", - "InstalledVersion": "2.2.2", - "FixedVersion": "6.1.2, 5.0.7, 4.4.15, 3.2.3", - "Layer": { + "VulnerabilityID": "CVE-2021-32803", + "PkgName": "tar", + "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", + "InstalledVersion": "2.2.2", + "FixedVersion": "6.1.2, 5.0.7, 4.4.15, 3.2.3", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32803", - "Title": "nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite", - "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32803", + "Title": "nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite", + "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.", + "Severity": "HIGH", + "CweIDs": ["CWE-22"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V2Score": 5.8, - "V3Score": 8.1 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V2Score": 5.8, + "V3Score": 8.1 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V3Score": 8.1 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V3Score": 8.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-r628-mhmh-qjhw", "https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20", "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw", @@ -1301,41 +1261,39 @@ "https://www.npmjs.com/advisories/1771", "https://www.npmjs.com/package/tar", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-08-03T19:15:00Z", - "LastModifiedDate": "2021-10-20T11:16:00Z" + ], + "PublishedDate": "2021-08-03T19:15:00Z", + "LastModifiedDate": "2021-10-20T11:16:00Z" }, { - "VulnerabilityID": "CVE-2021-32804", - "PkgName": "tar", - "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", - "InstalledVersion": "2.2.2", - "FixedVersion": "6.1.1, 5.0.6, 4.4.14, 3.2.2", - "Layer": { + "VulnerabilityID": "CVE-2021-32804", + "PkgName": "tar", + "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", + "InstalledVersion": "2.2.2", + "FixedVersion": "6.1.1, 5.0.6, 4.4.14, 3.2.2", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32804", - "Title": "nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite", - "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-32804", + "Title": "nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite", + "Description": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.", + "Severity": "HIGH", + "CweIDs": ["CWE-22"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V2Score": 5.8, - "V3Score": 8.1 + "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V2Score": 5.8, + "V3Score": 8.1 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V3Score": 8.1 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V3Score": 8.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-3jfq-g458-7qm9", "https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4", "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9", @@ -1345,180 +1303,170 @@ "https://www.npmjs.com/advisories/1770", "https://www.npmjs.com/package/tar", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-08-03T19:15:00Z", - "LastModifiedDate": "2021-10-20T11:16:00Z" + ], + "PublishedDate": "2021-08-03T19:15:00Z", + "LastModifiedDate": "2021-10-20T11:16:00Z" }, { - "VulnerabilityID": "CVE-2021-37701", - "PkgName": "tar", - "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", - "InstalledVersion": "2.2.2", - "FixedVersion": "6.1.7, 5.0.8, 4.4.16", - "Layer": { + "VulnerabilityID": "CVE-2021-37701", + "PkgName": "tar", + "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", + "InstalledVersion": "2.2.2", + "FixedVersion": "6.1.7, 5.0.8, 4.4.16", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37701", - "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", - "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\\` and `/` characters as path separators, however `\\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-22", - "CWE-59" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37701", + "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", + "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\\` and `/` characters as path separators, however `\\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc.", + "Severity": "HIGH", + "CweIDs": ["CWE-22", "CWE-59"], + "CVSS": { "nvd": { - "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", - "V2Score": 4.4, - "V3Score": 8.6 + "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "V2Score": 4.4, + "V3Score": 8.6 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V3Score": 8.1 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V3Score": 8.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-9r2w-394v-53qc", "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc", "https://nvd.nist.gov/vuln/detail/CVE-2021-37701", "https://www.npmjs.com/advisories/1779", "https://www.npmjs.com/package/tar", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-08-31T17:15:00Z", - "LastModifiedDate": "2021-10-20T11:17:00Z" + ], + "PublishedDate": "2021-08-31T17:15:00Z", + "LastModifiedDate": "2021-10-20T11:17:00Z" }, { - "VulnerabilityID": "CVE-2021-37712", - "PkgName": "tar", - "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", - "InstalledVersion": "2.2.2", - "FixedVersion": "6.1.9, 5.0.10, 4.4.18", - "Layer": { + "VulnerabilityID": "CVE-2021-37712", + "PkgName": "tar", + "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", + "InstalledVersion": "2.2.2", + "FixedVersion": "6.1.9, 5.0.10, 4.4.18", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37712", - "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", - "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 \"short path\" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-22", - "CWE-59" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37712", + "Title": "nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", + "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 \"short path\" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p.", + "Severity": "HIGH", + "CweIDs": ["CWE-22", "CWE-59"], + "CVSS": { "nvd": { - "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", - "V2Score": 4.4, - "V3Score": 8.6 + "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "V2Score": 4.4, + "V3Score": 8.6 }, "redhat": { - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", - "V3Score": 8.1 + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "V3Score": 8.1 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-qq89-hq3f-393p", "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p", "https://nvd.nist.gov/vuln/detail/CVE-2021-37712", "https://www.npmjs.com/advisories/1780", "https://www.npmjs.com/package/tar", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-08-31T17:15:00Z", - "LastModifiedDate": "2021-10-20T11:17:00Z" + ], + "PublishedDate": "2021-08-31T17:15:00Z", + "LastModifiedDate": "2021-10-20T11:17:00Z" }, { - "VulnerabilityID": "CVE-2021-37713", - "PkgName": "tar", - "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", - "InstalledVersion": "2.2.2", - "FixedVersion": "6.1.9, 5.0.10, 4.4.18", - "Layer": { + "VulnerabilityID": "CVE-2021-37713", + "PkgName": "tar", + "PkgPath": "juice-shop/node_modules/node-gyp/node_modules/tar/package.json", + "InstalledVersion": "2.2.2", + "FixedVersion": "6.1.9, 5.0.10, 4.4.18", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37713", - "Title": "Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization", - "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not extracted. This is, in part, accomplished by sanitizing absolute paths of entries within the archive, skipping archive entries that contain `..` path portions, and resolving the sanitized paths against the extraction target directory. This logic was insufficient on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as `C:some\\path`. If the drive letter does not match the extraction target, for example `D:\\extraction\\dir`, then the result of `path.resolve(extractionDirectory, entryPath)` would resolve against the current working directory on the `C:` drive, rather than the extraction target directory. Additionally, a `..` portion of the path could occur immediately after the drive letter, such as `C:../foo`, and was not properly sanitized by the logic that checked for `..` within the normalized and split portions of the path. This only affects users of `node-tar` on Windows systems. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. There is no reasonable way to work around this issue without performing the same path normalization procedures that node-tar now does. Users are encouraged to upgrade to the latest patched versions of node-tar, rather than attempt to sanitize paths themselves.", - "Severity": "HIGH", - "CweIDs": [ - "CWE-22" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-37713", + "Title": "Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization", + "Description": "The npm package \"tar\" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not extracted. This is, in part, accomplished by sanitizing absolute paths of entries within the archive, skipping archive entries that contain `..` path portions, and resolving the sanitized paths against the extraction target directory. This logic was insufficient on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as `C:some\\path`. If the drive letter does not match the extraction target, for example `D:\\extraction\\dir`, then the result of `path.resolve(extractionDirectory, entryPath)` would resolve against the current working directory on the `C:` drive, rather than the extraction target directory. Additionally, a `..` portion of the path could occur immediately after the drive letter, such as `C:../foo`, and was not properly sanitized by the logic that checked for `..` within the normalized and split portions of the path. This only affects users of `node-tar` on Windows systems. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. There is no reasonable way to work around this issue without performing the same path normalization procedures that node-tar now does. Users are encouraged to upgrade to the latest patched versions of node-tar, rather than attempt to sanitize paths themselves.", + "Severity": "HIGH", + "CweIDs": ["CWE-22"], + "CVSS": { "nvd": { - "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", - "V2Score": 4.4, - "V3Score": 8.6 + "V2Vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "V2Score": 4.4, + "V3Score": 8.6 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-5955-9wpr-37jh", "https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh", "https://nvd.nist.gov/vuln/detail/CVE-2021-37713", "https://www.npmjs.com/package/tar", "https://www.oracle.com/security-alerts/cpuoct2021.html" - ], - "PublishedDate": "2021-08-31T17:15:00Z", - "LastModifiedDate": "2021-10-20T11:17:00Z" + ], + "PublishedDate": "2021-08-31T17:15:00Z", + "LastModifiedDate": "2021-10-20T11:17:00Z" }, { - "VulnerabilityID": "CVE-2021-3765", - "PkgName": "validator", - "PkgPath": "juice-shop/node_modules/validator/package.json", - "InstalledVersion": "13.6.0", - "FixedVersion": "13.7.0", - "Layer": { + "VulnerabilityID": "CVE-2021-3765", + "PkgName": "validator", + "PkgPath": "juice-shop/node_modules/validator/package.json", + "InstalledVersion": "13.6.0", + "FixedVersion": "13.7.0", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3765", - "Title": "Inefficient Regular Expression Complexity in validator.js", - "Description": "validator.js is vulnerable to Inefficient Regular Expression Complexity", - "Severity": "MEDIUM", - "References": [ + }, + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3765", + "Title": "Inefficient Regular Expression Complexity in validator.js", + "Description": "validator.js is vulnerable to Inefficient Regular Expression Complexity", + "Severity": "MEDIUM", + "References": [ "https://github.com/advisories/GHSA-qgmg-gppg-76g5", "https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1", "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "https://nvd.nist.gov/vuln/detail/CVE-2021-3765" - ], - "PublishedDate": "2021-11-02T07:15:00Z", - "LastModifiedDate": "2021-11-02T11:31:00Z" + ], + "PublishedDate": "2021-11-02T07:15:00Z", + "LastModifiedDate": "2021-11-02T11:31:00Z" }, { - "VulnerabilityID": "CVE-2021-23449", - "PkgName": "vm2", - "PkgPath": "juice-shop/node_modules/vm2/package.json", - "InstalledVersion": "3.9.3", - "FixedVersion": "3.9.4", - "Layer": { + "VulnerabilityID": "CVE-2021-23449", + "PkgName": "vm2", + "PkgPath": "juice-shop/node_modules/vm2/package.json", + "InstalledVersion": "3.9.3", + "FixedVersion": "3.9.4", + "Layer": { "Digest": "sha256:d60b2707975852ac9893dd5f0b9ed98a222f5a8c5b80003dafe8cb2c419d7407", "DiffID": "sha256:882c984cafed0fa20487f0b4f95474af7d46cff44d735d266633ebcea37e2bd1" - }, - "SeveritySource": "nvd", - "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23449", - "Title": "Prototype Pollution in vm2", - "Description": "This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.", - "Severity": "CRITICAL", - "CweIDs": [ - "CWE-915" - ], - "CVSS": { + }, + "SeveritySource": "nvd", + "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-23449", + "Title": "Prototype Pollution in vm2", + "Description": "This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.", + "Severity": "CRITICAL", + "CweIDs": ["CWE-915"], + "CVSS": { "nvd": { - "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "V2Score": 7.5, - "V3Score": 10 + "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "V2Score": 7.5, + "V3Score": 10 } - }, - "References": [ + }, + "References": [ "https://github.com/advisories/GHSA-rjf2-j2r6-q8gr", "https://github.com/patriksimek/vm2/commit/b4f6e2bd2c4a1ef52fc4483d8e35f28bc4481886", "https://github.com/patriksimek/vm2/issues/363", @@ -1526,11 +1474,11 @@ "https://nvd.nist.gov/vuln/detail/CVE-2021-23449", "https://security.netapp.com/advisory/ntap-20211029-0010/", "https://snyk.io/vuln/SNYK-JS-VM2-1585918" - ], - "PublishedDate": "2021-10-18T17:15:00Z", - "LastModifiedDate": "2021-10-29T13:15:00Z" + ], + "PublishedDate": "2021-10-18T17:15:00Z", + "LastModifiedDate": "2021-10-29T13:15:00Z" } - ] + ] } - ] -} \ No newline at end of file + ] +} diff --git a/scanners/trivy/parser/__testFiles__/securecodebox-repo.json b/scanners/trivy/parser/__testFiles__/securecodebox-repo.json index 444e840c51..64692a0dd4 100644 --- a/scanners/trivy/parser/__testFiles__/securecodebox-repo.json +++ b/scanners/trivy/parser/__testFiles__/securecodebox-repo.json @@ -30,9 +30,7 @@ "Title": "jwt-go: access restriction bypass vulnerability", "Description": "jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m[\"aud\"] (which is allowed by the specification). Because the type assertion fails, \"\" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.", "Severity": "HIGH", - "CweIDs": [ - "CWE-862" - ], + "CweIDs": ["CWE-862"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", @@ -64,9 +62,7 @@ "Title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "Description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.", "Severity": "HIGH", - "CweIDs": [ - "CWE-129" - ], + "CweIDs": ["CWE-129"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -104,9 +100,7 @@ "Title": "golang-github-miekg-dns: predictable TXID can lead to response forgeries", "Description": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-338" - ], + "CweIDs": ["CWE-338"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -140,9 +134,7 @@ "Title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", "Description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", "Severity": "HIGH", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -222,9 +214,7 @@ "Title": "jwt-go: access restriction bypass vulnerability", "Description": "jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m[\"aud\"] (which is allowed by the specification). Because the type assertion fails, \"\" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.", "Severity": "HIGH", - "CweIDs": [ - "CWE-862" - ], + "CweIDs": ["CWE-862"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", @@ -256,9 +246,7 @@ "Title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "Description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.", "Severity": "HIGH", - "CweIDs": [ - "CWE-129" - ], + "CweIDs": ["CWE-129"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -296,9 +284,7 @@ "Title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", "Description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", "Severity": "HIGH", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -332,9 +318,7 @@ "Title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "Description": "golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.", "Severity": "HIGH", - "CweIDs": [ - "CWE-347" - ], + "CweIDs": ["CWE-347"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -404,9 +388,7 @@ "Title": "kubernetes: Bearer tokens written to logs at high verbosity levels (\u003e= 7)", "Description": "The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-532" - ], + "CweIDs": ["CWE-532"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N", @@ -441,9 +423,7 @@ "Title": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel \u003e= 9", "Description": "In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects \u003c= v1.19.3, \u003c= v1.18.10, \u003c= v1.17.13, \u003c v1.20.0-alpha2.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-532" - ], + "CweIDs": ["CWE-532"], "CVSS": { "nvd": { "V2Vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N", @@ -482,9 +462,7 @@ "Title": "jwt-go: access restriction bypass vulnerability", "Description": "jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m[\"aud\"] (which is allowed by the specification). Because the type assertion fails, \"\" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.", "Severity": "HIGH", - "CweIDs": [ - "CWE-862" - ], + "CweIDs": ["CWE-862"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", @@ -516,9 +494,7 @@ "Title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "Description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.", "Severity": "HIGH", - "CweIDs": [ - "CWE-129" - ], + "CweIDs": ["CWE-129"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", @@ -556,9 +532,7 @@ "Title": "golang-github-miekg-dns: predictable TXID can lead to response forgeries", "Description": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.", "Severity": "MEDIUM", - "CweIDs": [ - "CWE-338" - ], + "CweIDs": ["CWE-338"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", @@ -592,9 +566,7 @@ "Title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference", "Description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.", "Severity": "HIGH", - "CweIDs": [ - "CWE-476" - ], + "CweIDs": ["CWE-476"], "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", @@ -670,4 +642,4 @@ "Type": "npm" } ] -} \ No newline at end of file +} diff --git a/scanners/typo3scan/examples/example.com/scan.yaml b/scanners/typo3scan/examples/example.com/scan.yaml index f7faa55ee6..2a2389008f 100644 --- a/scanners/typo3scan/examples/example.com/scan.yaml +++ b/scanners/typo3scan/examples/example.com/scan.yaml @@ -14,4 +14,4 @@ spec: - "--vuln" # Set the number of threads to use for enumerating extensions at 10 - "--threads" - - "10" \ No newline at end of file + - "10" diff --git a/scanners/typo3scan/parser/__testFiles__/localhost.json b/scanners/typo3scan/parser/__testFiles__/localhost.json index 9f92b52f9b..097bca4c2c 100644 --- a/scanners/typo3scan/parser/__testFiles__/localhost.json +++ b/scanners/typo3scan/parser/__testFiles__/localhost.json @@ -1,437 +1,423 @@ { - "http://localhost:80":{ - "Backend":"http://localhost:80/typo3/index.php", - "Version":"8.7", - "Vulnerabilities":[ - { - "Advisory":"TYPO3-CORE-SA-2019-026", - "Type":"Insecure Deserialization", - "Subcomponent":"Query Generator & Query View (ext:lowlevel, ext:core)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-026" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-025", - "Type":"SQL Injection", - "Subcomponent":"Query Generator (ext:lowlevel)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-025" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-024", - "Type":"Directory Traversal", - "Subcomponent":"Extension Manager (ext:extensionmanger)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-024" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-023", - "Type":"Cross-Site Scripting", - "Subcomponent":"Filelist Module (ext:filelist)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-023" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-022", - "Type":"Cross-Site Scripting", - "Subcomponent":"Link Handling (ext:core, ext:frontend)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-022" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-021", - "Type":"Cross-Site Scripting", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-021" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-020", - "Type":"Insecure Deserialization", - "Subcomponent":"Backend & Core API (ext:backend, ext:core)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-020" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-019", - "Type":"Arbitrary Code Execution, Cross-Site Scripting", - "Subcomponent":"Backend API (ext:backend)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-019" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-018", - "Type":"Security Misconfiguration", - "Subcomponent":"Frontend Session Handling (ext:frontend)", - "Affected":"8.7.26 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-018" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-015", - "Type":"Cross-Site Scripting", - "Subcomponent":"Link Handling (ext:core)", - "Affected":"8.7.26 - 8.3.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-015" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-014", - "Type":"Information Disclosure", - "Subcomponent":"Backend User Interface (ext:backend)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-014" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-013", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid Engine (package typo3fluid/fluid)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-013" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-012", - "Type":"Arbitrary Code Execution", - "Subcomponent":"Image Processing via ImageMagick (ext:core)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-011", - "Type":"Security Misconfiguration", - "Subcomponent":"User Session Handling (ext:core)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-008", - "Type":"Arbitrary Code Execution", - "Subcomponent":"File List (ext:filelist)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-007", - "Type":"Cross-Site Scripting", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.22 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-006", - "Type":"Cross-Site Scripting", - "Subcomponent":"3rd party library Bootstrap CSS toolkit", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-005", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid (ext:fluid)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-003", - "Type":"Broken Access Control", - "Subcomponent":"Localization Handling", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-002", - "Type":"Security Misconfiguration", - "Subcomponent":"Backend User Account Model (ext:core)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-001", - "Type":"Information Disclosure", - "Subcomponent":"RequireJS package configuration", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-012", - "Type":"Denial of Service", - "Subcomponent":"Frontend Session Handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-011", - "Type":"Denial of Service", - "Subcomponent":"Online media asset handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-010", - "Type":"Information Disclosure", - "Subcomponent":"Install Tool", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-010" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-009", - "Type":"Security Misconfiguration", - "Subcomponent":"Install Tool Session Handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-009" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-008", - "Type":"Cross-Site Scripting", - "Subcomponent":"Frontend user login", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-007", - "Type":"Cross-Site Scripting", - "Subcomponent":"Backend modal component", - "Affected":"8.7.20 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-006", - "Type":"Cross-Site Scripting", - "Subcomponent":"Online media asset rendering", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-005", - "Type":"Cross-Site Scripting", - "Subcomponent":"3rd party JavaScript library CKEditor", - "Affected":"8.7.20 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-004", - "Type":"Insecure Deserialization", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.16 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-004" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-003", - "Type":"Privilege Escalation & SQL Injection", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.16 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-002", - "Type":"Insecure Deserialization & Arbitrary Code Execution", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.16 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-001", - "Type":"Authentication Bypass", - "Subcomponent":"Salted Passwords (ext:saltedpasswords)", - "Affected":"8.7.16 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-007", - "Type":"Arbitrary Code Execution", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-005", - "Type":"Information Disclosure", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-006", - "Type":"Information Disclosure", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-004", - "Type":"Cross-Site Scripting", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-004" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-011", - "Type":"Sensitive Data Exposure", - "Subcomponent":"Session Storage (ext:core)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-010", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid (ext:fluid)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-010" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-009", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid Engine (package typo3fluid/fluid)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-009" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-008", - "Type":"Cross-Site Scripting", - "Subcomponent":"Content Preview Renderer (ext:backend)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-006", - "Type":"Sensitive Data Exposure", - "Subcomponent":"Session Storage (ext:core)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-003", - "Type":"Broken Access Control", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-002", - "Type":"Unrestricted File Upload", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-001", - "Type":"Open Redirection", - "Subcomponent":"Login Handling (ext:core)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-013", - "Type":"Cross-Site-Scripting", - "Subcomponent":"Content Rendering, HTML Parser (ext:frontend, ext:core)", - "Affected":"8.7.41 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-013" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-012", - "Type":"Information Disclosure", - "Subcomponent":"User Authentication (ext:core)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-011", - "Type":"Cross-Site Scripting", - "Subcomponent":"Backend Grid View (ext:backend)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-010", - "Type":"Cross-Site Scripting", - "Subcomponent":"Query Generator & Query View (ext:lowlevel, ext:core)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-010" - } - ], - "Extensions":[ - { - "Name":"extbase", - "Title":"Log4Php", - "Repo":"https://extensions.typo3.org/extension/extbase", - "Current":"1.1.1 (alpha)", - "Url":"http://localhost:80/typo3/sysext/extbase/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"feedit", - "Title":"Frontend Editing", - "Repo":"https://extensions.typo3.org/extension/feedit", - "Current":"10.0.2 (stable)", - "Url":"http://localhost:80/typo3/sysext/feedit/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"func", - "Title":"WebFunc", - "Repo":"https://extensions.typo3.org/extension/func", - "Current":"9.0.1 (stable)", - "Url":"http://localhost:80/typo3/sysext/func/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"rsaauth", - "Title":"RSA authentication for TYPO3", - "Repo":"https://extensions.typo3.org/extension/rsaauth", - "Current":"10.0.1 (deprecated)", - "Url":"http://localhost:80/typo3/sysext/rsaauth/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"sys_action", - "Title":"UserTask Center, Actions", - "Repo":"https://extensions.typo3.org/extension/sys_action", - "Current":"10.0.0 (stable)", - "Url":"http://localhost:80/typo3/sysext/sys_action/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"taskcenter", - "Title":"UserTask Center", - "Repo":"https://extensions.typo3.org/extension/taskcenter", - "Current":"10.0.0 (stable)", - "Url":"http://localhost:80/typo3/sysext/taskcenter/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"tstemplate", - "Title":"WebTemplate", - "Repo":"https://extensions.typo3.org/extension/tstemplate", - "Current":"0.0.5 (stable)", - "Url":"http://localhost:80/typo3/sysext/tstemplate/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - } - ] - } -} \ No newline at end of file + "http://localhost:80": { + "Backend": "http://localhost:80/typo3/index.php", + "Version": "8.7", + "Vulnerabilities": [ + { + "Advisory": "TYPO3-CORE-SA-2019-026", + "Type": "Insecure Deserialization", + "Subcomponent": "Query Generator & Query View (ext:lowlevel, ext:core)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-026" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-025", + "Type": "SQL Injection", + "Subcomponent": "Query Generator (ext:lowlevel)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-025" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-024", + "Type": "Directory Traversal", + "Subcomponent": "Extension Manager (ext:extensionmanger)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-024" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-023", + "Type": "Cross-Site Scripting", + "Subcomponent": "Filelist Module (ext:filelist)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-023" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-022", + "Type": "Cross-Site Scripting", + "Subcomponent": "Link Handling (ext:core, ext:frontend)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-022" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-021", + "Type": "Cross-Site Scripting", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-021" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-020", + "Type": "Insecure Deserialization", + "Subcomponent": "Backend & Core API (ext:backend, ext:core)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-020" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-019", + "Type": "Arbitrary Code Execution, Cross-Site Scripting", + "Subcomponent": "Backend API (ext:backend)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-019" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-018", + "Type": "Security Misconfiguration", + "Subcomponent": "Frontend Session Handling (ext:frontend)", + "Affected": "8.7.26 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-018" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-015", + "Type": "Cross-Site Scripting", + "Subcomponent": "Link Handling (ext:core)", + "Affected": "8.7.26 - 8.3.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-015" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-014", + "Type": "Information Disclosure", + "Subcomponent": "Backend User Interface (ext:backend)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-014" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-013", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid Engine (package typo3fluid/fluid)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-013" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-012", + "Type": "Arbitrary Code Execution", + "Subcomponent": "Image Processing via ImageMagick (ext:core)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-011", + "Type": "Security Misconfiguration", + "Subcomponent": "User Session Handling (ext:core)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-008", + "Type": "Arbitrary Code Execution", + "Subcomponent": "File List (ext:filelist)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-007", + "Type": "Cross-Site Scripting", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.22 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-006", + "Type": "Cross-Site Scripting", + "Subcomponent": "3rd party library Bootstrap CSS toolkit", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-005", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid (ext:fluid)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-003", + "Type": "Broken Access Control", + "Subcomponent": "Localization Handling", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-002", + "Type": "Security Misconfiguration", + "Subcomponent": "Backend User Account Model (ext:core)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-001", + "Type": "Information Disclosure", + "Subcomponent": "RequireJS package configuration", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-012", + "Type": "Denial of Service", + "Subcomponent": "Frontend Session Handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-011", + "Type": "Denial of Service", + "Subcomponent": "Online media asset handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-010", + "Type": "Information Disclosure", + "Subcomponent": "Install Tool", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-010" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-009", + "Type": "Security Misconfiguration", + "Subcomponent": "Install Tool Session Handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-009" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-008", + "Type": "Cross-Site Scripting", + "Subcomponent": "Frontend user login", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-007", + "Type": "Cross-Site Scripting", + "Subcomponent": "Backend modal component", + "Affected": "8.7.20 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-006", + "Type": "Cross-Site Scripting", + "Subcomponent": "Online media asset rendering", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-005", + "Type": "Cross-Site Scripting", + "Subcomponent": "3rd party JavaScript library CKEditor", + "Affected": "8.7.20 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-004", + "Type": "Insecure Deserialization", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.16 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-004" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-003", + "Type": "Privilege Escalation & SQL Injection", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.16 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-002", + "Type": "Insecure Deserialization & Arbitrary Code Execution", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.16 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-001", + "Type": "Authentication Bypass", + "Subcomponent": "Salted Passwords (ext:saltedpasswords)", + "Affected": "8.7.16 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-007", + "Type": "Arbitrary Code Execution", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-005", + "Type": "Information Disclosure", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-006", + "Type": "Information Disclosure", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-004", + "Type": "Cross-Site Scripting", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-004" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-011", + "Type": "Sensitive Data Exposure", + "Subcomponent": "Session Storage (ext:core)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-010", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid (ext:fluid)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-009", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid Engine (package typo3fluid/fluid)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-009" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-008", + "Type": "Cross-Site Scripting", + "Subcomponent": "Content Preview Renderer (ext:backend)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-006", + "Type": "Sensitive Data Exposure", + "Subcomponent": "Session Storage (ext:core)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-003", + "Type": "Broken Access Control", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-002", + "Type": "Unrestricted File Upload", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-001", + "Type": "Open Redirection", + "Subcomponent": "Login Handling (ext:core)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-013", + "Type": "Cross-Site-Scripting", + "Subcomponent": "Content Rendering, HTML Parser (ext:frontend, ext:core)", + "Affected": "8.7.41 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-012", + "Type": "Information Disclosure", + "Subcomponent": "User Authentication (ext:core)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-011", + "Type": "Cross-Site Scripting", + "Subcomponent": "Backend Grid View (ext:backend)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-010", + "Type": "Cross-Site Scripting", + "Subcomponent": "Query Generator & Query View (ext:lowlevel, ext:core)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" + } + ], + "Extensions": [ + { + "Name": "extbase", + "Title": "Log4Php", + "Repo": "https://extensions.typo3.org/extension/extbase", + "Current": "1.1.1 (alpha)", + "Url": "http://localhost:80/typo3/sysext/extbase/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "feedit", + "Title": "Frontend Editing", + "Repo": "https://extensions.typo3.org/extension/feedit", + "Current": "10.0.2 (stable)", + "Url": "http://localhost:80/typo3/sysext/feedit/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "func", + "Title": "WebFunc", + "Repo": "https://extensions.typo3.org/extension/func", + "Current": "9.0.1 (stable)", + "Url": "http://localhost:80/typo3/sysext/func/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "rsaauth", + "Title": "RSA authentication for TYPO3", + "Repo": "https://extensions.typo3.org/extension/rsaauth", + "Current": "10.0.1 (deprecated)", + "Url": "http://localhost:80/typo3/sysext/rsaauth/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "sys_action", + "Title": "UserTask Center, Actions", + "Repo": "https://extensions.typo3.org/extension/sys_action", + "Current": "10.0.0 (stable)", + "Url": "http://localhost:80/typo3/sysext/sys_action/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "taskcenter", + "Title": "UserTask Center", + "Repo": "https://extensions.typo3.org/extension/taskcenter", + "Current": "10.0.0 (stable)", + "Url": "http://localhost:80/typo3/sysext/taskcenter/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "tstemplate", + "Title": "WebTemplate", + "Repo": "https://extensions.typo3.org/extension/tstemplate", + "Current": "0.0.5 (stable)", + "Url": "http://localhost:80/typo3/sysext/tstemplate/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + } + ] + } +} diff --git a/scanners/typo3scan/parser/__testFiles__/localhost_vuln_extensions.json b/scanners/typo3scan/parser/__testFiles__/localhost_vuln_extensions.json index 003a8448d1..0542dd18cd 100644 --- a/scanners/typo3scan/parser/__testFiles__/localhost_vuln_extensions.json +++ b/scanners/typo3scan/parser/__testFiles__/localhost_vuln_extensions.json @@ -1,457 +1,445 @@ { - "http://localhost:80":{ - "Backend":"http://localhost:80/typo3/index.php", - "Version":"8.7", - "Vulnerabilities":[ - { - "Advisory":"TYPO3-CORE-SA-2019-026", - "Type":"Insecure Deserialization", - "Subcomponent":"Query Generator & Query View (ext:lowlevel, ext:core)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-026" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-025", - "Type":"SQL Injection", - "Subcomponent":"Query Generator (ext:lowlevel)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-025" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-024", - "Type":"Directory Traversal", - "Subcomponent":"Extension Manager (ext:extensionmanger)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-024" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-023", - "Type":"Cross-Site Scripting", - "Subcomponent":"Filelist Module (ext:filelist)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-023" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-022", - "Type":"Cross-Site Scripting", - "Subcomponent":"Link Handling (ext:core, ext:frontend)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-022" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-021", - "Type":"Cross-Site Scripting", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.29 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-021" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-020", - "Type":"Insecure Deserialization", - "Subcomponent":"Backend & Core API (ext:backend, ext:core)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-020" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-019", - "Type":"Arbitrary Code Execution, Cross-Site Scripting", - "Subcomponent":"Backend API (ext:backend)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-019" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-018", - "Type":"Security Misconfiguration", - "Subcomponent":"Frontend Session Handling (ext:frontend)", - "Affected":"8.7.26 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-018" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-015", - "Type":"Cross-Site Scripting", - "Subcomponent":"Link Handling (ext:core)", - "Affected":"8.7.26 - 8.3.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-015" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-014", - "Type":"Information Disclosure", - "Subcomponent":"Backend User Interface (ext:backend)", - "Affected":"8.7.26 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-014" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-013", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid Engine (package typo3fluid/fluid)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-013" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-012", - "Type":"Arbitrary Code Execution", - "Subcomponent":"Image Processing via ImageMagick (ext:core)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-011", - "Type":"Security Misconfiguration", - "Subcomponent":"User Session Handling (ext:core)", - "Affected":"8.7.24 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-008", - "Type":"Arbitrary Code Execution", - "Subcomponent":"File List (ext:filelist)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-007", - "Type":"Cross-Site Scripting", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.22 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-006", - "Type":"Cross-Site Scripting", - "Subcomponent":"3rd party library Bootstrap CSS toolkit", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-005", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid (ext:fluid)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-003", - "Type":"Broken Access Control", - "Subcomponent":"Localization Handling", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-002", - "Type":"Security Misconfiguration", - "Subcomponent":"Backend User Account Model (ext:core)", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2019-001", - "Type":"Information Disclosure", - "Subcomponent":"RequireJS package configuration", - "Affected":"8.7.22 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2019-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-012", - "Type":"Denial of Service", - "Subcomponent":"Frontend Session Handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-011", - "Type":"Denial of Service", - "Subcomponent":"Online media asset handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-010", - "Type":"Information Disclosure", - "Subcomponent":"Install Tool", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-010" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-009", - "Type":"Security Misconfiguration", - "Subcomponent":"Install Tool Session Handling", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-009" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-008", - "Type":"Cross-Site Scripting", - "Subcomponent":"Frontend user login", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-007", - "Type":"Cross-Site Scripting", - "Subcomponent":"Backend modal component", - "Affected":"8.7.20 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-006", - "Type":"Cross-Site Scripting", - "Subcomponent":"Online media asset rendering", - "Affected":"8.7.20 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-005", - "Type":"Cross-Site Scripting", - "Subcomponent":"3rd party JavaScript library CKEditor", - "Affected":"8.7.20 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-004", - "Type":"Insecure Deserialization", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.16 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-004" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-003", - "Type":"Privilege Escalation & SQL Injection", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.16 - 8.5.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-002", - "Type":"Insecure Deserialization & Arbitrary Code Execution", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.16 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2018-001", - "Type":"Authentication Bypass", - "Subcomponent":"Salted Passwords (ext:saltedpasswords)", - "Affected":"8.7.16 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2018-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-007", - "Type":"Arbitrary Code Execution", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-007" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-005", - "Type":"Information Disclosure", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-005" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-006", - "Type":"Information Disclosure", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2017-004", - "Type":"Cross-Site Scripting", - "Subcomponent":"TYPO3 CMS", - "Affected":"8.7.4 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2017-004" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-011", - "Type":"Sensitive Data Exposure", - "Subcomponent":"Session Storage (ext:core)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-010", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid (ext:fluid)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-010" - }, - { - "Advisory":"TYPO3-CORE-SA-2020-009", - "Type":"Cross-Site Scripting", - "Subcomponent":"Fluid Engine (package typo3fluid/fluid)", - "Affected":"8.7.37 - 8.7.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2020-009" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-008", - "Type":"Cross-Site Scripting", - "Subcomponent":"Content Preview Renderer (ext:backend)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-008" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-006", - "Type":"Sensitive Data Exposure", - "Subcomponent":"Session Storage (ext:core)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-006" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-003", - "Type":"Broken Access Control", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-003" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-002", - "Type":"Unrestricted File Upload", - "Subcomponent":"Form Framework (ext:form)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-002" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-001", - "Type":"Open Redirection", - "Subcomponent":"Login Handling (ext:core)", - "Affected":"8.7.39 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-001" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-013", - "Type":"Cross-Site-Scripting", - "Subcomponent":"Content Rendering, HTML Parser (ext:frontend, ext:core)", - "Affected":"8.7.41 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-013" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-012", - "Type":"Information Disclosure", - "Subcomponent":"User Authentication (ext:core)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-012" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-011", - "Type":"Cross-Site Scripting", - "Subcomponent":"Backend Grid View (ext:backend)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-011" - }, - { - "Advisory":"TYPO3-CORE-SA-2021-010", - "Type":"Cross-Site Scripting", - "Subcomponent":"Query Generator & Query View (ext:lowlevel, ext:core)", - "Affected":"8.7.40 - 8.0.0", - "Advisory URL":"https://typo3.org/security/advisory/typo3-core-sa-2021-010" - } - ], - "Extensions":[ - { - "Name":"extbase", - "Title":"Log4Php", - "Repo":"https://extensions.typo3.org/extension/extbase", - "Current":"1.1.1 (alpha)", - "Url":"http://localhost:80/typo3/sysext/extbase/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"feedit", - "Title":"Frontend Editing", - "Repo":"https://extensions.typo3.org/extension/feedit", - "Current":"10.0.2 (stable)", - "Url":"http://localhost:80/typo3/sysext/feedit/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"func", - "Title":"WebFunc", - "Repo":"https://extensions.typo3.org/extension/func", - "Current":"9.0.1 (stable)", - "Url":"http://localhost:80/typo3/sysext/func/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"rsaauth", - "Title":"RSA authentication for TYPO3", - "Repo":"https://extensions.typo3.org/extension/rsaauth", - "Current":"10.0.1 (deprecated)", - "Url":"http://localhost:80/typo3/sysext/rsaauth/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"sys_action", - "Title":"UserTask Center, Actions", - "Repo":"https://extensions.typo3.org/extension/sys_action", - "Current":"10.0.0 (stable)", - "Url":"http://localhost:80/typo3/sysext/sys_action/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"taskcenter", - "Title":"UserTask Center", - "Repo":"https://extensions.typo3.org/extension/taskcenter", - "Current":"10.0.0 (stable)", - "Url":"http://localhost:80/typo3/sysext/taskcenter/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - - ] - }, - { - "Name":"tstemplate", - "Title":"WebTemplate", - "Repo":"https://extensions.typo3.org/extension/tstemplate", - "Current":"0.0.5 (stable)", - "Url":"http://localhost:80/typo3/sysext/tstemplate/", - "Version":"unknown", - "Version File":"not found", - "Vulnerabilities":[ - { - "Name":"news", - "Title":"News system", - "Repo":"https://extensions.typo3.org/extension/news", - "Current":"stable", - "Url":"http://localhost:80/typo3/sysext/news/", - "Version":"3.1.0", - "Version File":"http://localhost:80/typo3conf/ext/news/Documentation/Settings.yml", - "Vulnerabilities":[ - { - "Advisory":"TYPO3-EXT-SA-2017-001", - "Vulnerability Type":"SQL Injection", - "Affected":"3.2.6 - 0.0.0" - }, - { - "Advisory":"TYPO3-EXT-SA-2015-017", - "Vulnerability Type":"Cross-Site Scripting", - "Affected":"3.2.1 - 0.0.0" - } - ] - } - ] + "http://localhost:80": { + "Backend": "http://localhost:80/typo3/index.php", + "Version": "8.7", + "Vulnerabilities": [ + { + "Advisory": "TYPO3-CORE-SA-2019-026", + "Type": "Insecure Deserialization", + "Subcomponent": "Query Generator & Query View (ext:lowlevel, ext:core)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-026" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-025", + "Type": "SQL Injection", + "Subcomponent": "Query Generator (ext:lowlevel)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-025" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-024", + "Type": "Directory Traversal", + "Subcomponent": "Extension Manager (ext:extensionmanger)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-024" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-023", + "Type": "Cross-Site Scripting", + "Subcomponent": "Filelist Module (ext:filelist)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-023" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-022", + "Type": "Cross-Site Scripting", + "Subcomponent": "Link Handling (ext:core, ext:frontend)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-022" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-021", + "Type": "Cross-Site Scripting", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.29 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-021" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-020", + "Type": "Insecure Deserialization", + "Subcomponent": "Backend & Core API (ext:backend, ext:core)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-020" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-019", + "Type": "Arbitrary Code Execution, Cross-Site Scripting", + "Subcomponent": "Backend API (ext:backend)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-019" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-018", + "Type": "Security Misconfiguration", + "Subcomponent": "Frontend Session Handling (ext:frontend)", + "Affected": "8.7.26 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-018" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-015", + "Type": "Cross-Site Scripting", + "Subcomponent": "Link Handling (ext:core)", + "Affected": "8.7.26 - 8.3.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-015" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-014", + "Type": "Information Disclosure", + "Subcomponent": "Backend User Interface (ext:backend)", + "Affected": "8.7.26 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-014" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-013", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid Engine (package typo3fluid/fluid)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-013" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-012", + "Type": "Arbitrary Code Execution", + "Subcomponent": "Image Processing via ImageMagick (ext:core)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-011", + "Type": "Security Misconfiguration", + "Subcomponent": "User Session Handling (ext:core)", + "Affected": "8.7.24 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-008", + "Type": "Arbitrary Code Execution", + "Subcomponent": "File List (ext:filelist)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-007", + "Type": "Cross-Site Scripting", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.22 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-006", + "Type": "Cross-Site Scripting", + "Subcomponent": "3rd party library Bootstrap CSS toolkit", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-005", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid (ext:fluid)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-003", + "Type": "Broken Access Control", + "Subcomponent": "Localization Handling", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-002", + "Type": "Security Misconfiguration", + "Subcomponent": "Backend User Account Model (ext:core)", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2019-001", + "Type": "Information Disclosure", + "Subcomponent": "RequireJS package configuration", + "Affected": "8.7.22 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2019-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-012", + "Type": "Denial of Service", + "Subcomponent": "Frontend Session Handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-011", + "Type": "Denial of Service", + "Subcomponent": "Online media asset handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-010", + "Type": "Information Disclosure", + "Subcomponent": "Install Tool", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-010" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-009", + "Type": "Security Misconfiguration", + "Subcomponent": "Install Tool Session Handling", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-009" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-008", + "Type": "Cross-Site Scripting", + "Subcomponent": "Frontend user login", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-007", + "Type": "Cross-Site Scripting", + "Subcomponent": "Backend modal component", + "Affected": "8.7.20 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-006", + "Type": "Cross-Site Scripting", + "Subcomponent": "Online media asset rendering", + "Affected": "8.7.20 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-005", + "Type": "Cross-Site Scripting", + "Subcomponent": "3rd party JavaScript library CKEditor", + "Affected": "8.7.20 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-004", + "Type": "Insecure Deserialization", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.16 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-004" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-003", + "Type": "Privilege Escalation & SQL Injection", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.16 - 8.5.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-002", + "Type": "Insecure Deserialization & Arbitrary Code Execution", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.16 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2018-001", + "Type": "Authentication Bypass", + "Subcomponent": "Salted Passwords (ext:saltedpasswords)", + "Affected": "8.7.16 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2018-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-007", + "Type": "Arbitrary Code Execution", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-007" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-005", + "Type": "Information Disclosure", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-005" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-006", + "Type": "Information Disclosure", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2017-004", + "Type": "Cross-Site Scripting", + "Subcomponent": "TYPO3 CMS", + "Affected": "8.7.4 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2017-004" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-011", + "Type": "Sensitive Data Exposure", + "Subcomponent": "Session Storage (ext:core)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-010", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid (ext:fluid)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" + }, + { + "Advisory": "TYPO3-CORE-SA-2020-009", + "Type": "Cross-Site Scripting", + "Subcomponent": "Fluid Engine (package typo3fluid/fluid)", + "Affected": "8.7.37 - 8.7.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2020-009" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-008", + "Type": "Cross-Site Scripting", + "Subcomponent": "Content Preview Renderer (ext:backend)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-006", + "Type": "Sensitive Data Exposure", + "Subcomponent": "Session Storage (ext:core)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-003", + "Type": "Broken Access Control", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-002", + "Type": "Unrestricted File Upload", + "Subcomponent": "Form Framework (ext:form)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-001", + "Type": "Open Redirection", + "Subcomponent": "Login Handling (ext:core)", + "Affected": "8.7.39 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-013", + "Type": "Cross-Site-Scripting", + "Subcomponent": "Content Rendering, HTML Parser (ext:frontend, ext:core)", + "Affected": "8.7.41 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-012", + "Type": "Information Disclosure", + "Subcomponent": "User Authentication (ext:core)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-011", + "Type": "Cross-Site Scripting", + "Subcomponent": "Backend Grid View (ext:backend)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" + }, + { + "Advisory": "TYPO3-CORE-SA-2021-010", + "Type": "Cross-Site Scripting", + "Subcomponent": "Query Generator & Query View (ext:lowlevel, ext:core)", + "Affected": "8.7.40 - 8.0.0", + "Advisory URL": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" + } + ], + "Extensions": [ + { + "Name": "extbase", + "Title": "Log4Php", + "Repo": "https://extensions.typo3.org/extension/extbase", + "Current": "1.1.1 (alpha)", + "Url": "http://localhost:80/typo3/sysext/extbase/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "feedit", + "Title": "Frontend Editing", + "Repo": "https://extensions.typo3.org/extension/feedit", + "Current": "10.0.2 (stable)", + "Url": "http://localhost:80/typo3/sysext/feedit/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "func", + "Title": "WebFunc", + "Repo": "https://extensions.typo3.org/extension/func", + "Current": "9.0.1 (stable)", + "Url": "http://localhost:80/typo3/sysext/func/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "rsaauth", + "Title": "RSA authentication for TYPO3", + "Repo": "https://extensions.typo3.org/extension/rsaauth", + "Current": "10.0.1 (deprecated)", + "Url": "http://localhost:80/typo3/sysext/rsaauth/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "sys_action", + "Title": "UserTask Center, Actions", + "Repo": "https://extensions.typo3.org/extension/sys_action", + "Current": "10.0.0 (stable)", + "Url": "http://localhost:80/typo3/sysext/sys_action/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "taskcenter", + "Title": "UserTask Center", + "Repo": "https://extensions.typo3.org/extension/taskcenter", + "Current": "10.0.0 (stable)", + "Url": "http://localhost:80/typo3/sysext/taskcenter/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [] + }, + { + "Name": "tstemplate", + "Title": "WebTemplate", + "Repo": "https://extensions.typo3.org/extension/tstemplate", + "Current": "0.0.5 (stable)", + "Url": "http://localhost:80/typo3/sysext/tstemplate/", + "Version": "unknown", + "Version File": "not found", + "Vulnerabilities": [ + { + "Name": "news", + "Title": "News system", + "Repo": "https://extensions.typo3.org/extension/news", + "Current": "stable", + "Url": "http://localhost:80/typo3/sysext/news/", + "Version": "3.1.0", + "Version File": "http://localhost:80/typo3conf/ext/news/Documentation/Settings.yml", + "Vulnerabilities": [ + { + "Advisory": "TYPO3-EXT-SA-2017-001", + "Vulnerability Type": "SQL Injection", + "Affected": "3.2.6 - 0.0.0" + }, + { + "Advisory": "TYPO3-EXT-SA-2015-017", + "Vulnerability Type": "Cross-Site Scripting", + "Affected": "3.2.1 - 0.0.0" + } + ] } - ] - } - } \ No newline at end of file + ] + } + ] + } +} diff --git a/scanners/whatweb/examples/example.com/findings.yaml b/scanners/whatweb/examples/example.com/findings.yaml index 3edcc884e0..48dcf1667a 100644 --- a/scanners/whatweb/examples/example.com/findings.yaml +++ b/scanners/whatweb/examples/example.com/findings.yaml @@ -1,25 +1,26 @@ [ - { - "name":"http://old-typo3.default.svc/", - "category":"WEB APPLICATION", - "description":"New TYPO3 site: Home", - "location":"http://old-typo3.default.svc/", - "osi_layer":"NETWORK", - "severity":"INFORMATIONAL", - "attributes":{ - "requestConfig":"WhatWeb/0.5.5", - "ipAddress":"10.96.137.239", - "country":"RESERVED/ZZ", - "HTML5":true, - "Apache":"", - "Content-Language":"en", - "HTTPServer":"Apache/2.4.25 (Debian)", - "MetaGenerator":"TYPO3 CMS", - "PHP":"", - "PoweredBy":"TYPO3", - "X-Powered-By":"PHP/7.2.34" - }, - "id":"78b495dd-a073-40b2-81e5-1a487b334fbe", - "parsed_at":"2021-12-08T10:13:54.735Z" - } - ] \ No newline at end of file + { + "name": "http://old-typo3.default.svc/", + "category": "WEB APPLICATION", + "description": "New TYPO3 site: Home", + "location": "http://old-typo3.default.svc/", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": + { + "requestConfig": "WhatWeb/0.5.5", + "ipAddress": "10.96.137.239", + "country": "RESERVED/ZZ", + "HTML5": true, + "Apache": "", + "Content-Language": "en", + "HTTPServer": "Apache/2.4.25 (Debian)", + "MetaGenerator": "TYPO3 CMS", + "PHP": "", + "PoweredBy": "TYPO3", + "X-Powered-By": "PHP/7.2.34", + }, + "id": "78b495dd-a073-40b2-81e5-1a487b334fbe", + "parsed_at": "2021-12-08T10:13:54.735Z", + }, +] diff --git a/scanners/whatweb/parser/__testFiles__/example.com.json b/scanners/whatweb/parser/__testFiles__/example.com.json index 41ca1a5322..1c8df98c61 100644 --- a/scanners/whatweb/parser/__testFiles__/example.com.json +++ b/scanners/whatweb/parser/__testFiles__/example.com.json @@ -1,3 +1,14 @@ [ -{"target":"http://example.com","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"Country":{"string":["EUROPEAN UNION"],"module":["EU"]},"HTML5":{},"HTTPServer":{"string":["ECS (dcb/7FA5)"]},"IP":{"string":["93.184.216.34"]},"Title":{"string":["Example Domain"]}}} + { + "target": "http://example.com", + "http_status": 200, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "Country": { "string": ["EUROPEAN UNION"], "module": ["EU"] }, + "HTML5": {}, + "HTTPServer": { "string": ["ECS (dcb/7FA5)"] }, + "IP": { "string": ["93.184.216.34"] }, + "Title": { "string": ["Example Domain"] } + } + } ] diff --git a/scanners/whatweb/parser/__testFiles__/no-address.com.json b/scanners/whatweb/parser/__testFiles__/no-address.com.json index 0d4f101c7a..fe51488c70 100644 --- a/scanners/whatweb/parser/__testFiles__/no-address.com.json +++ b/scanners/whatweb/parser/__testFiles__/no-address.com.json @@ -1,2 +1 @@ -[ -] +[] diff --git a/scanners/whatweb/parser/__testFiles__/securecodebox.io.json b/scanners/whatweb/parser/__testFiles__/securecodebox.io.json index 02c9e891c2..e1c4b4bd5a 100644 --- a/scanners/whatweb/parser/__testFiles__/securecodebox.io.json +++ b/scanners/whatweb/parser/__testFiles__/securecodebox.io.json @@ -1,7 +1,54 @@ [ -{"target":"http://securecodebox.io","http_status":301,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"HTTPServer":{"string":["GitHub.com"]},"IP":{"string":["185.199.109.153"]},"RedirectLocation":{"string":["https://www.securecodebox.io/"]},"Title":{"string":["301 Moved Permanently"]},"UncommonHeaders":{"string":["x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id"]},"Via-Proxy":{"string":["1.1 varnish"]}}} -, -{"target":"https://www.securecodebox.io/","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"HTML5":{},"HTTPServer":{"string":["GitHub.com"]},"IP":{"string":["185.199.110.153"]},"Meta-Refresh-Redirect":{"string":["https://docs.securecodebox.io/"]},"Strict-Transport-Security":{"string":["max-age=31556952"]},"Title":{"string":["secureCodeBox – Testing your Software Security"]},"UncommonHeaders":{"string":["access-control-allow-origin,x-proxy-cache,x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id"]},"Via-Proxy":{"string":["1.1 varnish"]}}} -, -{"target":"https://docs.securecodebox.io/","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"Country":{"string":["UNITED STATES"],"module":["US"]},"HTML5":{},"HTTPServer":{"string":["Netlify"]},"IP":{"string":["3.64.200.242"]},"MetaGenerator":{"string":["Docusaurus v2.0.0-beta.3"]},"Open-Graph-Protocol":{},"Script":{},"Strict-Transport-Security":{"string":["max-age=31536000"]},"UncommonHeaders":{"string":["x-nf-request-id"]}}} + { + "target": "http://securecodebox.io", + "http_status": 301, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "HTTPServer": { "string": ["GitHub.com"] }, + "IP": { "string": ["185.199.109.153"] }, + "RedirectLocation": { "string": ["https://www.securecodebox.io/"] }, + "Title": { "string": ["301 Moved Permanently"] }, + "UncommonHeaders": { + "string": [ + "x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id" + ] + }, + "Via-Proxy": { "string": ["1.1 varnish"] } + } + }, + { + "target": "https://www.securecodebox.io/", + "http_status": 200, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "HTML5": {}, + "HTTPServer": { "string": ["GitHub.com"] }, + "IP": { "string": ["185.199.110.153"] }, + "Meta-Refresh-Redirect": { "string": ["https://docs.securecodebox.io/"] }, + "Strict-Transport-Security": { "string": ["max-age=31556952"] }, + "Title": { "string": ["secureCodeBox – Testing your Software Security"] }, + "UncommonHeaders": { + "string": [ + "access-control-allow-origin,x-proxy-cache,x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id" + ] + }, + "Via-Proxy": { "string": ["1.1 varnish"] } + } + }, + { + "target": "https://docs.securecodebox.io/", + "http_status": 200, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "Country": { "string": ["UNITED STATES"], "module": ["US"] }, + "HTML5": {}, + "HTTPServer": { "string": ["Netlify"] }, + "IP": { "string": ["3.64.200.242"] }, + "MetaGenerator": { "string": ["Docusaurus v2.0.0-beta.3"] }, + "Open-Graph-Protocol": {}, + "Script": {}, + "Strict-Transport-Security": { "string": ["max-age=31536000"] }, + "UncommonHeaders": { "string": ["x-nf-request-id"] } + } + } ] diff --git a/scanners/whatweb/parser/__testFiles__/two-domains.json b/scanners/whatweb/parser/__testFiles__/two-domains.json index 86569d984b..d4183ad42d 100644 --- a/scanners/whatweb/parser/__testFiles__/two-domains.json +++ b/scanners/whatweb/parser/__testFiles__/two-domains.json @@ -1,5 +1,34 @@ [ -{"target":"http://example.com","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"Country":{"string":["EUROPEAN UNION"],"module":["EU"]},"HTML5":{},"HTTPServer":{"string":["ECS (dcb/7F39)"]},"IP":{"string":["93.184.216.34"]},"Title":{"string":["Example Domain"]}}} -, -{"target":"http://scanme.nmap.org","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.5"}},"plugins":{"Apache":{"version":["2.4.7"]},"Country":{"string":["RESERVED"],"module":["ZZ"]},"Google-Analytics":{"version":["Universal"],"account":["UA-11009417-1"]},"HTTPServer":{"os":["Ubuntu Linux"],"string":["Apache/2.4.7 (Ubuntu)"]},"IP":{"string":["45.33.32.156"]},"Script":{"string":["text/javascript"]},"Title":{"string":["Go ahead and ScanMe!"]}}} + { + "target": "http://example.com", + "http_status": 200, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "Country": { "string": ["EUROPEAN UNION"], "module": ["EU"] }, + "HTML5": {}, + "HTTPServer": { "string": ["ECS (dcb/7F39)"] }, + "IP": { "string": ["93.184.216.34"] }, + "Title": { "string": ["Example Domain"] } + } + }, + { + "target": "http://scanme.nmap.org", + "http_status": 200, + "request_config": { "headers": { "User-Agent": "WhatWeb/0.5.5" } }, + "plugins": { + "Apache": { "version": ["2.4.7"] }, + "Country": { "string": ["RESERVED"], "module": ["ZZ"] }, + "Google-Analytics": { + "version": ["Universal"], + "account": ["UA-11009417-1"] + }, + "HTTPServer": { + "os": ["Ubuntu Linux"], + "string": ["Apache/2.4.7 (Ubuntu)"] + }, + "IP": { "string": ["45.33.32.156"] }, + "Script": { "string": ["text/javascript"] }, + "Title": { "string": ["Go ahead and ScanMe!"] } + } + } ] diff --git a/scanners/wpscan/examples/example.com/findings.yaml b/scanners/wpscan/examples/example.com/findings.yaml index dd1a2c5b23..6931d3e6cf 100644 --- a/scanners/wpscan/examples/example.com/findings.yaml +++ b/scanners/wpscan/examples/example.com/findings.yaml @@ -3,38 +3,29 @@ # SPDX-License-Identifier: Apache-2.0 { - "banner": { + "banner": + { "description": "WordPress Security Scanner by the WPScan Team", "version": "3.8.1", - "authors": [ - "@_WPScan_", - "@ethicalhack3r", - "@erwan_lr", - "@firefart" - ], - "sponsor": "Sponsored by Automattic - https://automattic.com/" + "authors": ["@_WPScan_", "@ethicalhack3r", "@erwan_lr", "@firefart"], + "sponsor": "Sponsored by Automattic - https://automattic.com/", }, - "start_time": 1591480247, - "start_memory": 41349120, - "target_url": "https://www.example.com/", - "target_ip": "192.168.200.100", - "effective_url": "https://www.example.com/", - "interesting_findings": [ + "start_time": 1591480247, + "start_memory": 41349120, + "target_url": "https://www.example.com/", + "target_ip": "192.168.200.100", + "effective_url": "https://www.example.com/", + "interesting_findings": + [ { "url": "https://www.example.com/", "to_s": "Headers", "type": "headers", "found_by": "Headers (Passive Detection)", "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "Server: Apache/2.4.29 (Ubuntu)" - ] + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["Server: Apache/2.4.29 (Ubuntu)"], }, { "url": "https://www.example.com/robots.txt", @@ -42,16 +33,9 @@ "type": "robots_txt", "found_by": "Robots Txt (Aggressive Detection)", "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "/wp-admin/", - "/wp-admin/admin-ajax.php" - ] + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["/wp-admin/", "/wp-admin/admin-ajax.php"], }, { "url": "https://www.example.com/readme.html", @@ -59,15 +43,9 @@ "type": "readme", "found_by": "Direct Access (Aggressive Detection)", "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - - ] + "confirmed_by": {}, + "references": {}, + "interesting_entries": [], }, { "url": "https://www.example.com/wp-content/mu-plugins/", @@ -75,17 +53,10 @@ "type": "mu_plugins", "found_by": "Direct Access (Aggressive Detection)", "confidence": 80, - "confirmed_by": { - - }, - "references": { - "url": [ - "http://codex.wordpress.org/Must_Use_Plugins" - ] - }, - "interesting_entries": [ - - ] + "confirmed_by": {}, + "references": + { "url": ["http://codex.wordpress.org/Must_Use_Plugins"] }, + "interesting_entries": [], }, { "url": "https://www.example.com/wp-cron.php", @@ -93,38 +64,35 @@ "type": "wp_cron", "found_by": "Direct Access (Aggressive Detection)", "confidence": 60, - "confirmed_by": { - - }, - "references": { - "url": [ - "https://www.iplocation.net/defend-wordpress-from-ddos", - "https://github.com/wpscanteam/wpscan/issues/1299" - ] - }, - "interesting_entries": [ - - ] - } + "confirmed_by": {}, + "references": + { + "url": + [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299", + ], + }, + "interesting_entries": [], + }, ], - "version": { + "version": + { "number": "5.3.3", "release_date": "2020-04-29", "status": "latest", "found_by": "Rss Generator (Passive Detection)", "confidence": 100, - "interesting_entries": [ - "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", - "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3" - ], - "confirmed_by": { - - }, - "vulnerabilities": [ - - ] + "interesting_entries": + [ + "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", + "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3", + ], + "confirmed_by": {}, + "vulnerabilities": [], }, - "main_theme": { + "main_theme": + { "slug": "twentyseventeen", "location": "https://www.example.com/wp-content/themes/twentyseventeen/", "latest_version": "2.3", @@ -146,87 +114,79 @@ "text_domain": "twentyseventeen", "found_by": "Css Style In Homepage (Passive Detection)", "confidence": 100, - "interesting_entries": [ - - ], - "confirmed_by": { - "Css Style In 404 Page (Passive Detection)": { - "confidence": 70, - "interesting_entries": [ - - ] - } - }, - "vulnerabilities": [ - - ], - "version": { - "number": "2.2", - "confidence": 80, - "found_by": "Style (Passive Detection)", - "interesting_entries": [ - "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'" - ], - "confirmed_by": { - - } - }, - "parents": [ - - ] + "interesting_entries": [], + "confirmed_by": + { + "Css Style In 404 Page (Passive Detection)": + { "confidence": 70, "interesting_entries": [] }, + }, + "vulnerabilities": [], + "version": + { + "number": "2.2", + "confidence": 80, + "found_by": "Style (Passive Detection)", + "interesting_entries": + [ + "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'", + ], + "confirmed_by": {}, + }, + "parents": [], }, - "plugins": { - "akismet": { - "slug": "akismet", - "location": "https://www.example.com/wp-content/plugins/akismet/", - "latest_version": "4.1.6", - "last_updated": "2020-06-04T17:21:00.000Z", - "outdated": false, - "readme_url": false, - "directory_listing": false, - "error_log_url": null, - "found_by": "Known Locations (Aggressive Detection)", - "confidence": 80, - "interesting_entries": [ - "https://www.example.com/wp-content/plugins/akismet/, status: 403" - ], - "confirmed_by": { - + "plugins": + { + "akismet": + { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, + "interesting_entries": + [ + "https://www.example.com/wp-content/plugins/akismet/, status: 403", + ], + "confirmed_by": {}, + "vulnerabilities": + [ + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": + { + "cve": ["2015-9357"], + "url": + [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html", + ], + "wpvulndb": ["8215"], + }, + }, + ], + "version": null, }, - "vulnerabilities": [ - { - "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", - "fixed_in": "3.1.5", - "references": { - "cve": [ - "2015-9357" - ], - "url": [ - "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", - "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" - ], - "wpvulndb": [ - "8215" - ] - } - } - ], - "version": null - } }, - "vuln_api": { + "vuln_api": + { "plan": "free", "requests_done_during_scan": 4, - "requests_remaining": 18 + "requests_remaining": 18, }, - "stop_time": 1591480342, - "elapsed": 94, - "requests_done": 2335, - "cached_requests": 9, - "data_sent": 631774, - "data_sent_humanised": "616.967 KB", - "data_received": 1093069, - "data_received_humanised": "1.042 MB", - "used_memory": 272867328, - "used_memory_humanised": "260.227 MB" - } + "stop_time": 1591480342, + "elapsed": 94, + "requests_done": 2335, + "cached_requests": 9, + "data_sent": 631774, + "data_sent_humanised": "616.967 KB", + "data_received": 1093069, + "data_received_humanised": "1.042 MB", + "used_memory": 272867328, + "used_memory_humanised": "260.227 MB", +} diff --git a/scanners/wpscan/examples/old-wordpress/findings.yaml b/scanners/wpscan/examples/old-wordpress/findings.yaml index aa775b0222..d991b38a20 100644 --- a/scanners/wpscan/examples/old-wordpress/findings.yaml +++ b/scanners/wpscan/examples/old-wordpress/findings.yaml @@ -12,28 +12,33 @@ "severity": "INFORMATIONAL", "reference": {}, "confidence": 100, - "attributes": { - "ip_address": "10.99.82.140", - "wpscan_version": "3.8.7", - "wpscan_requests": 4777, - "wp_version": "4.0.31", - "wp_release_date": "2020-06-10", - "wp_release_status": "latest", - "wp_interesting_entries": [ - "http://old-wordpress.demo-targets.svc.cluster.local/, Match: 'WordPress 4.0.31'" - ], - "wp_found_by": "Meta Generator (Passive Detection)", - "wp_confirmed_by": { - "Atom Generator (Aggressive Detection)": { - "confidence": 80, - "interesting_entries": [ - "http://old-wordpress.demo-targets.svc.cluster.local/?feed=atom, WordPress" - ] - } + "attributes": + { + "ip_address": "10.99.82.140", + "wpscan_version": "3.8.7", + "wpscan_requests": 4777, + "wp_version": "4.0.31", + "wp_release_date": "2020-06-10", + "wp_release_status": "latest", + "wp_interesting_entries": + [ + "http://old-wordpress.demo-targets.svc.cluster.local/, Match: 'WordPress 4.0.31'", + ], + "wp_found_by": "Meta Generator (Passive Detection)", + "wp_confirmed_by": + { + "Atom Generator (Aggressive Detection)": + { + "confidence": 80, + "interesting_entries": + [ + 'http://old-wordpress.demo-targets.svc.cluster.local/?feed=atom, WordPress', + ], + }, + }, + "wp_vulnerabilities": [], }, - "wp_vulnerabilities": [] - }, - "id": "35e61c23-d525-4509-a024-d1aef37a1623" + "id": "35e61c23-d525-4509-a024-d1aef37a1623", }, { "name": "WordPress finding 'headers'", @@ -44,15 +49,14 @@ "severity": "INFORMATIONAL", "confidence": 100, "reference": {}, - "attributes": { - "wp_interesting_entries": [ - "Server: nginx/1.7.7", - "X-Powered-By: PHP/5.4.34-0+deb7u1" - ], - "wp_found_by": "Headers (Passive Detection)", - "wp_confirmed_by": {} - }, - "id": "ca074030-2e55-4a10-bf8f-039c1b8978d9" + "attributes": + { + "wp_interesting_entries": + ["Server: nginx/1.7.7", "X-Powered-By: PHP/5.4.34-0+deb7u1"], + "wp_found_by": "Headers (Passive Detection)", + "wp_confirmed_by": {}, + }, + "id": "ca074030-2e55-4a10-bf8f-039c1b8978d9", }, { "name": "WordPress finding 'xmlrpc'", @@ -63,12 +67,13 @@ "severity": "INFORMATIONAL", "confidence": 100, "reference": {}, - "attributes": { - "wp_interesting_entries": [], - "wp_found_by": "Direct Access (Aggressive Detection)", - "wp_confirmed_by": {} - }, - "id": "9b521d88-4018-4069-971d-7a020eebab51" + "attributes": + { + "wp_interesting_entries": [], + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_confirmed_by": {}, + }, + "id": "9b521d88-4018-4069-971d-7a020eebab51", }, { "name": "WordPress finding 'readme'", @@ -79,12 +84,13 @@ "severity": "INFORMATIONAL", "confidence": 100, "reference": {}, - "attributes": { - "wp_interesting_entries": [], - "wp_found_by": "Direct Access (Aggressive Detection)", - "wp_confirmed_by": {} - }, - "id": "7160e807-b6bb-4994-9477-22cac8e2f549" + "attributes": + { + "wp_interesting_entries": [], + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_confirmed_by": {}, + }, + "id": "7160e807-b6bb-4994-9477-22cac8e2f549", }, { "name": "WordPress finding 'wp_cron'", @@ -95,11 +101,12 @@ "severity": "INFORMATIONAL", "confidence": 60, "reference": {}, - "attributes": { - "wp_interesting_entries": [], - "wp_found_by": "Direct Access (Aggressive Detection)", - "wp_confirmed_by": {} - }, - "id": "828bf907-da73-4076-994b-a46652b1f972" - } + "attributes": + { + "wp_interesting_entries": [], + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_confirmed_by": {}, + }, + "id": "828bf907-da73-4076-994b-a46652b1f972", + }, ] diff --git a/scanners/wpscan/examples/old-wordpress/wpscan-results.json b/scanners/wpscan/examples/old-wordpress/wpscan-results.json index 49c5427c23..aa17cdc79f 100644 --- a/scanners/wpscan/examples/old-wordpress/wpscan-results.json +++ b/scanners/wpscan/examples/old-wordpress/wpscan-results.json @@ -2,12 +2,7 @@ "banner": { "description": "WordPress Security Scanner by the WPScan Team", "version": "3.8.7", - "authors": [ - "@_WPScan_", - "@ethicalhack3r", - "@erwan_lr", - "@firefart" - ], + "authors": ["@_WPScan_", "@ethicalhack3r", "@erwan_lr", "@firefart"], "sponsor": "Sponsored by Automattic - https://automattic.com/" }, "start_time": 1600682567, @@ -22,12 +17,8 @@ "type": "headers", "found_by": "Headers (Passive Detection)", "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, + "confirmed_by": {}, + "references": {}, "interesting_entries": [ "Server: nginx/1.7.7", "X-Powered-By: PHP/5.4.34-0+deb7u1" @@ -39,13 +30,9 @@ "type": "xmlrpc", "found_by": "Direct Access (Aggressive Detection)", "confidence": 100, - "confirmed_by": { - - }, + "confirmed_by": {}, "references": { - "url": [ - "http://codex.wordpress.org/XML-RPC_Pingback_API" - ], + "url": ["http://codex.wordpress.org/XML-RPC_Pingback_API"], "metasploit": [ "auxiliary/scanner/http/wordpress_ghost_scanner", "auxiliary/dos/http/wordpress_xmlrpc_dos", @@ -53,9 +40,7 @@ "auxiliary/scanner/http/wordpress_pingback_access" ] }, - "interesting_entries": [ - - ] + "interesting_entries": [] }, { "url": "http://old-wordpress.demo-targets.svc.cluster.local/readme.html", @@ -63,15 +48,9 @@ "type": "readme", "found_by": "Direct Access (Aggressive Detection)", "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - - ] + "confirmed_by": {}, + "references": {}, + "interesting_entries": [] }, { "url": "http://old-wordpress.demo-targets.svc.cluster.local/wp-cron.php", @@ -79,18 +58,14 @@ "type": "wp_cron", "found_by": "Direct Access (Aggressive Detection)", "confidence": 60, - "confirmed_by": { - - }, + "confirmed_by": {}, "references": { "url": [ "https://www.iplocation.net/defend-wordpress-from-ddos", "https://github.com/wpscanteam/wpscan/issues/1299" ] }, - "interesting_entries": [ - - ] + "interesting_entries": [] } ], "version": { @@ -110,14 +85,10 @@ ] } }, - "vulnerabilities": [ - - ] + "vulnerabilities": [] }, "main_theme": null, - "plugins": { - - }, + "plugins": {}, "vuln_api": { "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up" }, diff --git a/scanners/wpscan/parser/__testFiles__/empty-localhost.json b/scanners/wpscan/parser/__testFiles__/empty-localhost.json index 7a73a41bfd..0967ef424b 100644 --- a/scanners/wpscan/parser/__testFiles__/empty-localhost.json +++ b/scanners/wpscan/parser/__testFiles__/empty-localhost.json @@ -1,2 +1 @@ -{ -} \ No newline at end of file +{} diff --git a/scanners/wpscan/parser/__testFiles__/example-latest.json b/scanners/wpscan/parser/__testFiles__/example-latest.json index 76fb9f2a36..5a11c19bbd 100644 --- a/scanners/wpscan/parser/__testFiles__/example-latest.json +++ b/scanners/wpscan/parser/__testFiles__/example-latest.json @@ -1,228 +1,174 @@ { - "banner": { - "description": "WordPress Security Scanner by the WPScan Team", - "version": "3.8.1", - "authors": [ - "@_WPScan_", - "@ethicalhack3r", - "@erwan_lr", - "@firefart" - ], - "sponsor": "Sponsored by Automattic - https://automattic.com/" + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.1", + "authors": ["@_WPScan_", "@ethicalhack3r", "@erwan_lr", "@firefart"], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1591480247, + "start_memory": 41349120, + "target_url": "https://www.example.com/", + "target_ip": "192.168.200.100", + "effective_url": "https://www.example.com/", + "interesting_findings": [ + { + "url": "https://www.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["Server: Apache/2.4.29 (Ubuntu)"] }, - "start_time": 1591480247, - "start_memory": 41349120, - "target_url": "https://www.example.com/", - "target_ip": "192.168.200.100", - "effective_url": "https://www.example.com/", - "interesting_findings": [ - { - "url": "https://www.example.com/", - "to_s": "Headers", - "type": "headers", - "found_by": "Headers (Passive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "Server: Apache/2.4.29 (Ubuntu)" - ] - }, - { - "url": "https://www.example.com/robots.txt", - "to_s": "https://www.example.com/robots.txt", - "type": "robots_txt", - "found_by": "Robots Txt (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "/wp-admin/", - "/wp-admin/admin-ajax.php" - ] - }, - { - "url": "https://www.example.com/readme.html", - "to_s": "https://www.example.com/readme.html", - "type": "readme", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - - ] + { + "url": "https://www.example.com/robots.txt", + "to_s": "https://www.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["/wp-admin/", "/wp-admin/admin-ajax.php"] + }, + { + "url": "https://www.example.com/readme.html", + "to_s": "https://www.example.com/readme.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": [] + }, + { + "url": "https://www.example.com/wp-content/mu-plugins/", + "to_s": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/", + "type": "mu_plugins", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 80, + "confirmed_by": {}, + "references": { + "url": ["http://codex.wordpress.org/Must_Use_Plugins"] }, - { - "url": "https://www.example.com/wp-content/mu-plugins/", - "to_s": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/", - "type": "mu_plugins", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 80, - "confirmed_by": { - - }, - "references": { - "url": [ - "http://codex.wordpress.org/Must_Use_Plugins" - ] - }, - "interesting_entries": [ - + "interesting_entries": [] + }, + { + "url": "https://www.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": {}, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" ] }, - { - "url": "https://www.example.com/wp-cron.php", - "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", - "type": "wp_cron", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 60, - "confirmed_by": { - - }, - "references": { - "url": [ - "https://www.iplocation.net/defend-wordpress-from-ddos", - "https://github.com/wpscanteam/wpscan/issues/1299" - ] - }, - "interesting_entries": [ - - ] - } + "interesting_entries": [] + } + ], + "version": { + "number": "5.3.3", + "release_date": "2020-04-29", + "status": "latest", + "found_by": "Rss Generator (Passive Detection)", + "confidence": 100, + "interesting_entries": [ + "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", + "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3" ], + "confirmed_by": {}, + "vulnerabilities": [] + }, + "main_theme": { + "slug": "twentyseventeen", + "location": "https://www.example.com/wp-content/themes/twentyseventeen/", + "latest_version": "2.3", + "last_updated": "2020-03-31T00:00:00.000Z", + "outdated": true, + "readme_url": "https://www.example.com/wp-content/themes/twentyseventeen/README.txt", + "directory_listing": false, + "error_log_url": null, + "style_url": "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3", + "style_name": "Twenty Seventeen", + "style_uri": "https://wordpress.org/themes/twentyseventeen/", + "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", + "author": "the WordPress team", + "author_uri": "https://wordpress.org/", + "template": null, + "license": "GNU General Public License v2 or later", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", + "text_domain": "twentyseventeen", + "found_by": "Css Style In Homepage (Passive Detection)", + "confidence": 100, + "interesting_entries": [], + "confirmed_by": { + "Css Style In 404 Page (Passive Detection)": { + "confidence": 70, + "interesting_entries": [] + } + }, + "vulnerabilities": [], "version": { - "number": "5.3.3", - "release_date": "2020-04-29", - "status": "latest", - "found_by": "Rss Generator (Passive Detection)", - "confidence": 100, + "number": "2.2", + "confidence": 80, + "found_by": "Style (Passive Detection)", "interesting_entries": [ - "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", - "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3" + "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'" ], - "confirmed_by": { - - }, - "vulnerabilities": [ - - ] + "confirmed_by": {} }, - "main_theme": { - "slug": "twentyseventeen", - "location": "https://www.example.com/wp-content/themes/twentyseventeen/", - "latest_version": "2.3", - "last_updated": "2020-03-31T00:00:00.000Z", - "outdated": true, - "readme_url": "https://www.example.com/wp-content/themes/twentyseventeen/README.txt", + "parents": [] + }, + "plugins": { + "akismet": { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", + "outdated": false, + "readme_url": false, "directory_listing": false, "error_log_url": null, - "style_url": "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3", - "style_name": "Twenty Seventeen", - "style_uri": "https://wordpress.org/themes/twentyseventeen/", - "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", - "author": "the WordPress team", - "author_uri": "https://wordpress.org/", - "template": null, - "license": "GNU General Public License v2 or later", - "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", - "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", - "text_domain": "twentyseventeen", - "found_by": "Css Style In Homepage (Passive Detection)", - "confidence": 100, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, "interesting_entries": [ - + "https://www.example.com/wp-content/plugins/akismet/, status: 403" ], - "confirmed_by": { - "Css Style In 404 Page (Passive Detection)": { - "confidence": 70, - "interesting_entries": [ - - ] - } - }, + "confirmed_by": {}, "vulnerabilities": [ - - ], - "version": { - "number": "2.2", - "confidence": 80, - "found_by": "Style (Passive Detection)", - "interesting_entries": [ - "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'" - ], - "confirmed_by": { - - } - }, - "parents": [ - - ] - }, - "plugins": { - "akismet": { - "slug": "akismet", - "location": "https://www.example.com/wp-content/plugins/akismet/", - "latest_version": "4.1.6", - "last_updated": "2020-06-04T17:21:00.000Z", - "outdated": false, - "readme_url": false, - "directory_listing": false, - "error_log_url": null, - "found_by": "Known Locations (Aggressive Detection)", - "confidence": 80, - "interesting_entries": [ - "https://www.example.com/wp-content/plugins/akismet/, status: 403" - ], - "confirmed_by": { - - }, - "vulnerabilities": [ - { - "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", - "fixed_in": "3.1.5", - "references": { - "cve": [ - "2015-9357" - ], - "url": [ - "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", - "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" - ], - "wpvulndb": [ - "8215" - ] - } + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": { + "cve": ["2015-9357"], + "url": [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" + ], + "wpvulndb": ["8215"] } - ], - "version": null - } - }, - "vuln_api": { - "plan": "free", - "requests_done_during_scan": 4, - "requests_remaining": 18 - }, - "stop_time": 1591480342, - "elapsed": 94, - "requests_done": 2335, - "cached_requests": 9, - "data_sent": 631774, - "data_sent_humanised": "616.967 KB", - "data_received": 1093069, - "data_received_humanised": "1.042 MB", - "used_memory": 272867328, - "used_memory_humanised": "260.227 MB" - } \ No newline at end of file + } + ], + "version": null + } + }, + "vuln_api": { + "plan": "free", + "requests_done_during_scan": 4, + "requests_remaining": 18 + }, + "stop_time": 1591480342, + "elapsed": 94, + "requests_done": 2335, + "cached_requests": 9, + "data_sent": 631774, + "data_sent_humanised": "616.967 KB", + "data_received": 1093069, + "data_received_humanised": "1.042 MB", + "used_memory": 272867328, + "used_memory_humanised": "260.227 MB" +} diff --git a/scanners/wpscan/parser/__testFiles__/example-old.json b/scanners/wpscan/parser/__testFiles__/example-old.json index 7f927e3202..dcee8e7ead 100644 --- a/scanners/wpscan/parser/__testFiles__/example-old.json +++ b/scanners/wpscan/parser/__testFiles__/example-old.json @@ -1,243 +1,192 @@ { - "banner": { - "description": "WordPress Security Scanner by the WPScan Team", - "version": "3.8.1", - "authors": [ - "@_WPScan_", - "@ethicalhack3r", - "@erwan_lr", - "@firefart" - ], - "sponsor": "Sponsored by Automattic - https://automattic.com/" + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.1", + "authors": ["@_WPScan_", "@ethicalhack3r", "@erwan_lr", "@firefart"], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1591480670, + "start_memory": 41410560, + "target_url": "https://www.example.com/", + "target_ip": "192.168.0.123", + "effective_url": "https://www.example.com/", + "interesting_findings": [ + { + "url": "https://www.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["server: Apache", "x-cache-handler: php"] }, - "start_time": 1591480670, - "start_memory": 41410560, - "target_url": "https://www.example.com/", - "target_ip": "192.168.0.123", - "effective_url": "https://www.example.com/", - "interesting_findings": [ - { - "url": "https://www.example.com/", - "to_s": "Headers", - "type": "headers", - "found_by": "Headers (Passive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "server: Apache", - "x-cache-handler: php" - ] - }, - { - "url": "https://www.example.com/robots.txt", - "to_s": "https://www.example.com/robots.txt", - "type": "robots_txt", - "found_by": "Robots Txt (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "/wp-admin/", - "/wp-admin/admin-ajax.php" - ] + { + "url": "https://www.example.com/robots.txt", + "to_s": "https://www.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["/wp-admin/", "/wp-admin/admin-ajax.php"] + }, + { + "url": "https://www.example.com/xmlrpc.php", + "to_s": "XML-RPC seems to be enabled: https://www.example.com/xmlrpc.php", + "type": "xmlrpc", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": { + "Direct Access (Aggressive Detection)": { + "confidence": 100 + } }, - { - "url": "https://www.example.com/xmlrpc.php", - "to_s": "XML-RPC seems to be enabled: https://www.example.com/xmlrpc.php", - "type": "xmlrpc", - "found_by": "Headers (Passive Detection)", - "confidence": 100, - "confirmed_by": { - "Direct Access (Aggressive Detection)": { - "confidence": 100 - } - }, - "references": { - "url": [ - "http://codex.wordpress.org/XML-RPC_Pingback_API" - ], - "metasploit": [ - "auxiliary/scanner/http/wordpress_ghost_scanner", - "auxiliary/dos/http/wordpress_xmlrpc_dos", - "auxiliary/scanner/http/wordpress_xmlrpc_login", - "auxiliary/scanner/http/wordpress_pingback_access" - ] - }, - "interesting_entries": [ - + "references": { + "url": ["http://codex.wordpress.org/XML-RPC_Pingback_API"], + "metasploit": [ + "auxiliary/scanner/http/wordpress_ghost_scanner", + "auxiliary/dos/http/wordpress_xmlrpc_dos", + "auxiliary/scanner/http/wordpress_xmlrpc_login", + "auxiliary/scanner/http/wordpress_pingback_access" ] }, - { - "url": "https://www.example.com/liesmich.html", - "to_s": "https://www.example.com/liesmich.html", - "type": "readme", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - + "interesting_entries": [] + }, + { + "url": "https://www.example.com/liesmich.html", + "to_s": "https://www.example.com/liesmich.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": [] + }, + { + "url": "https://www.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": {}, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" ] }, - { - "url": "https://www.example.com/wp-cron.php", - "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", - "type": "wp_cron", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 60, - "confirmed_by": { - - }, - "references": { - "url": [ - "https://www.iplocation.net/defend-wordpress-from-ddos", - "https://github.com/wpscanteam/wpscan/issues/1299" - ] - }, + "interesting_entries": [] + } + ], + "version": { + "number": "4.8.13", + "release_date": "2020-04-29", + "status": "latest", + "found_by": "Style Etag (Aggressive Detection)", + "confidence": 100, + "interesting_entries": [ + "https://www.example.com/wp-admin/load-styles.php, Match: '4.8.13'" + ], + "confirmed_by": { + "Query Parameter In Install Page (Aggressive Detection)": { + "confidence": 90, "interesting_entries": [ - + "https://www.example.com/wp-includes/css/buttons.min.css?ver=4.8.13", + "https://www.example.com/wp-admin/css/install.min.css?ver=4.8.13", + "https://www.example.com/wp-includes/css/dashicons.min.css?ver=4.8.13" ] } - ], + }, + "vulnerabilities": [] + }, + "main_theme": { + "slug": "jupiter", + "location": "https://www.example.com/wp-content/themes/jupiter/", + "latest_version": null, + "last_updated": null, + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "style_url": "https://www.example.com/wp-content/themes/jupiter/style.css", + "style_name": "Jupiter", + "style_uri": "http://demos.artbees.net/jupiter5", + "description": "A Beautiful, Professional and Ultimate Wordpress Theme Made by Artbees. Jupiter is a Clean, Flexible, fully responsive and retina ready Wordpress theme. Its smart and hand crafted environment allows you to Build outstanding websites easy and fast.", + "author": "Artbees", + "author_uri": "http://themeforest.net/user/artbees", + "template": null, + "license": "GNU General Public License v2.0", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": null, + "text_domain": "mk_framework", + "found_by": "Urls In Homepage (Passive Detection)", + "confidence": 22, + "interesting_entries": [], + "confirmed_by": { + "Urls In 404 Page (Passive Detection)": { + "confidence": 10, + "interesting_entries": [] + } + }, + "vulnerabilities": [], "version": { - "number": "4.8.13", - "release_date": "2020-04-29", - "status": "latest", - "found_by": "Style Etag (Aggressive Detection)", - "confidence": 100, + "number": "5.9.5", + "confidence": 80, + "found_by": "Style (Passive Detection)", "interesting_entries": [ - "https://www.example.com/wp-admin/load-styles.php, Match: '4.8.13'" + "https://www.example.com/wp-content/themes/jupiter/style.css, Match: 'Version: 5.9.5'" ], - "confirmed_by": { - "Query Parameter In Install Page (Aggressive Detection)": { - "confidence": 90, - "interesting_entries": [ - "https://www.example.com/wp-includes/css/buttons.min.css?ver=4.8.13", - "https://www.example.com/wp-admin/css/install.min.css?ver=4.8.13", - "https://www.example.com/wp-includes/css/dashicons.min.css?ver=4.8.13" - ] - } - }, - "vulnerabilities": [ - - ] + "confirmed_by": {} }, - "main_theme": { - "slug": "jupiter", - "location": "https://www.example.com/wp-content/themes/jupiter/", - "latest_version": null, - "last_updated": null, + "parents": [] + }, + "plugins": { + "akismet": { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", "outdated": false, "readme_url": false, "directory_listing": false, "error_log_url": null, - "style_url": "https://www.example.com/wp-content/themes/jupiter/style.css", - "style_name": "Jupiter", - "style_uri": "http://demos.artbees.net/jupiter5", - "description": "A Beautiful, Professional and Ultimate Wordpress Theme Made by Artbees. Jupiter is a Clean, Flexible, fully responsive and retina ready Wordpress theme. Its smart and hand crafted environment allows you to Build outstanding websites easy and fast.", - "author": "Artbees", - "author_uri": "http://themeforest.net/user/artbees", - "template": null, - "license": "GNU General Public License v2.0", - "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", - "tags": null, - "text_domain": "mk_framework", - "found_by": "Urls In Homepage (Passive Detection)", - "confidence": 22, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, "interesting_entries": [ - + "https://www.example.com/wp-content/plugins/akismet/, status: 403" ], - "confirmed_by": { - "Urls In 404 Page (Passive Detection)": { - "confidence": 10, - "interesting_entries": [ - - ] - } - }, + "confirmed_by": {}, "vulnerabilities": [ - - ], - "version": { - "number": "5.9.5", - "confidence": 80, - "found_by": "Style (Passive Detection)", - "interesting_entries": [ - "https://www.example.com/wp-content/themes/jupiter/style.css, Match: 'Version: 5.9.5'" - ], - "confirmed_by": { - - } - }, - "parents": [ - - ] - }, - "plugins": { - "akismet": { - "slug": "akismet", - "location": "https://www.example.com/wp-content/plugins/akismet/", - "latest_version": "4.1.6", - "last_updated": "2020-06-04T17:21:00.000Z", - "outdated": false, - "readme_url": false, - "directory_listing": false, - "error_log_url": null, - "found_by": "Known Locations (Aggressive Detection)", - "confidence": 80, - "interesting_entries": [ - "https://www.example.com/wp-content/plugins/akismet/, status: 403" - ], - "confirmed_by": { - - }, - "vulnerabilities": [ - { - "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", - "fixed_in": "3.1.5", - "references": { - "cve": [ - "2015-9357" - ], - "url": [ - "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", - "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" - ], - "wpvulndb": [ - "8215" - ] - } + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": { + "cve": ["2015-9357"], + "url": [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" + ], + "wpvulndb": ["8215"] } - ], - "version": null - } - }, - "vuln_api": { - "plan": "free", - "requests_done_during_scan": 26, - "requests_remaining": 0 - }, - "stop_time": 1591481357, - "elapsed": 687, - "requests_done": 2442, - "cached_requests": 33, - "data_sent": 621290, - "data_sent_humanised": "606.729 KB", - "data_received": 2969029, - "data_received_humanised": "2.831 MB", - "used_memory": 265818112, - "used_memory_humanised": "253.504 MB" - } \ No newline at end of file + } + ], + "version": null + } + }, + "vuln_api": { + "plan": "free", + "requests_done_during_scan": 26, + "requests_remaining": 0 + }, + "stop_time": 1591481357, + "elapsed": 687, + "requests_done": 2442, + "cached_requests": 33, + "data_sent": 621290, + "data_sent_humanised": "606.729 KB", + "data_received": 2969029, + "data_received_humanised": "2.831 MB", + "used_memory": 265818112, + "used_memory_humanised": "253.504 MB" +} diff --git a/scanners/wpscan/parser/__testFiles__/no-version-detected.json b/scanners/wpscan/parser/__testFiles__/no-version-detected.json index c1b8d457cf..aca70eb1c9 100644 --- a/scanners/wpscan/parser/__testFiles__/no-version-detected.json +++ b/scanners/wpscan/parser/__testFiles__/no-version-detected.json @@ -1,176 +1,131 @@ { - "banner": { - "description": "WordPress Security Scanner by the WPScan Team", - "version": "3.8.17", - "authors": [ - "@_WPScan_", - "@ethicalhack3r", - "@erwan_lr", - "@firefart" - ], - "sponsor": "Sponsored by Automattic - https://automattic.com/" + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.17", + "authors": ["@_WPScan_", "@ethicalhack3r", "@erwan_lr", "@firefart"], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1621260955, + "start_memory": 45334528, + "target_url": "https://wp.example.com/", + "target_ip": "203.0.113.42", + "effective_url": "https://wp.example.com/", + "interesting_findings": [ + { + "url": "https://wp.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": [ + "Server: Apache", + "Expect-CT: max-age=86400, enforce" + ] }, - "start_time": 1621260955, - "start_memory": 45334528, - "target_url": "https://wp.example.com/", - "target_ip": "203.0.113.42", - "effective_url": "https://wp.example.com/", - "interesting_findings": [ - { - "url": "https://wp.example.com/", - "to_s": "Headers", - "type": "headers", - "found_by": "Headers (Passive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "Server: Apache", - "Expect-CT: max-age=86400, enforce" - ] - }, - { - "url": "https://wp.example.com/robots.txt", - "to_s": "robots.txt found: https://wp.example.com/robots.txt", - "type": "robots_txt", - "found_by": "Robots Txt (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - "/wp-admin/", - "/wp-admin/admin-ajax.php" - ] - }, - { - "url": "https://wp.example.com/readme.html", - "to_s": "WordPress readme found: https://wp.example.com/readme.html", - "type": "readme", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 100, - "confirmed_by": { - - }, - "references": { - - }, - "interesting_entries": [ - - ] + { + "url": "https://wp.example.com/robots.txt", + "to_s": "robots.txt found: https://wp.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": ["/wp-admin/", "/wp-admin/admin-ajax.php"] + }, + { + "url": "https://wp.example.com/readme.html", + "to_s": "WordPress readme found: https://wp.example.com/readme.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": {}, + "references": {}, + "interesting_entries": [] + }, + { + "url": "https://wp.example.com/wp-content/mu-plugins/", + "to_s": "This site has 'Must Use Plugins': https://wp.example.com/wp-content/mu-plugins/", + "type": "mu_plugins", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 80, + "confirmed_by": {}, + "references": { + "url": ["http://codex.wordpress.org/Must_Use_Plugins"] }, - { - "url": "https://wp.example.com/wp-content/mu-plugins/", - "to_s": "This site has 'Must Use Plugins': https://wp.example.com/wp-content/mu-plugins/", - "type": "mu_plugins", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 80, - "confirmed_by": { - - }, - "references": { - "url": [ - "http://codex.wordpress.org/Must_Use_Plugins" - ] - }, - "interesting_entries": [ - + "interesting_entries": [] + }, + { + "url": "https://wp.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://wp.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": {}, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" ] }, - { - "url": "https://wp.example.com/wp-cron.php", - "to_s": "The external WP-Cron seems to be enabled: https://wp.example.com/wp-cron.php", - "type": "wp_cron", - "found_by": "Direct Access (Aggressive Detection)", - "confidence": 60, - "confirmed_by": { - - }, - "references": { - "url": [ - "https://www.iplocation.net/defend-wordpress-from-ddos", - "https://github.com/wpscanteam/wpscan/issues/1299" - ] - }, - "interesting_entries": [ - - ] + "interesting_entries": [] + } + ], + "version": null, + "main_theme": { + "slug": "twentyseventeen", + "location": "https://wp.example.com/wp-content/themes/twentyseventeen/", + "latest_version": "2.6", + "last_updated": "2021-03-09T00:00:00.000Z", + "outdated": true, + "readme_url": "https://wp.example.com/wp-content/themes/twentyseventeen/README.txt", + "directory_listing": false, + "error_log_url": null, + "style_url": "https://wp.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.8", + "style_name": "Twenty Seventeen", + "style_uri": "https://wordpress.org/themes/twentyseventeen/", + "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", + "author": "the WordPress team", + "author_uri": "https://wordpress.org/", + "template": null, + "license": "GNU General Public License v2 or later", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", + "text_domain": "twentyseventeen", + "found_by": "Css Style In Homepage (Passive Detection)", + "confidence": 100, + "interesting_entries": [], + "confirmed_by": { + "Css Style In 404 Page (Passive Detection)": { + "confidence": 70, + "interesting_entries": [] } - ], - "version": null, - "main_theme": { - "slug": "twentyseventeen", - "location": "https://wp.example.com/wp-content/themes/twentyseventeen/", - "latest_version": "2.6", - "last_updated": "2021-03-09T00:00:00.000Z", - "outdated": true, - "readme_url": "https://wp.example.com/wp-content/themes/twentyseventeen/README.txt", - "directory_listing": false, - "error_log_url": null, - "style_url": "https://wp.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.8", - "style_name": "Twenty Seventeen", - "style_uri": "https://wordpress.org/themes/twentyseventeen/", - "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", - "author": "the WordPress team", - "author_uri": "https://wordpress.org/", - "template": null, - "license": "GNU General Public License v2 or later", - "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", - "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", - "text_domain": "twentyseventeen", - "found_by": "Css Style In Homepage (Passive Detection)", - "confidence": 100, + }, + "vulnerabilities": [], + "version": { + "number": "2.2", + "confidence": 80, + "found_by": "Style (Passive Detection)", "interesting_entries": [ - + "https://wp.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.8, Match: 'Version: 2.2'" ], - "confirmed_by": { - "Css Style In 404 Page (Passive Detection)": { - "confidence": 70, - "interesting_entries": [ - - ] - } - }, - "vulnerabilities": [ - - ], - "version": { - "number": "2.2", - "confidence": 80, - "found_by": "Style (Passive Detection)", - "interesting_entries": [ - "https://wp.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.8, Match: 'Version: 2.2'" - ], - "confirmed_by": { - - } - }, - "parents": [ - - ] - }, - "plugins": { - - }, - "vuln_api": { - "error": "No WPScan API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 25 daily requests by registering at https://wpscan.com/register" + "confirmed_by": {} }, - "stop_time": 1621261086, - "elapsed": 130, - "requests_done": 3734, - "cached_requests": 9, - "data_sent": 1110616, - "data_sent_humanised": "1.059 MB", - "data_received": 20758381, - "data_received_humanised": "19.797 MB", - "used_memory": 256139264, - "used_memory_humanised": "244.273 MB" - } - \ No newline at end of file + "parents": [] + }, + "plugins": {}, + "vuln_api": { + "error": "No WPScan API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 25 daily requests by registering at https://wpscan.com/register" + }, + "stop_time": 1621261086, + "elapsed": 130, + "requests_done": 3734, + "cached_requests": 9, + "data_sent": 1110616, + "data_sent_humanised": "1.059 MB", + "data_received": 20758381, + "data_received_humanised": "19.797 MB", + "used_memory": 256139264, + "used_memory_humanised": "244.273 MB" +} diff --git a/scanners/wpscan/scanner/wrapper.sh b/scanners/wpscan/scanner/wrapper.sh index 4d6ee8e807..801c408fef 100644 --- a/scanners/wpscan/scanner/wrapper.sh +++ b/scanners/wpscan/scanner/wrapper.sh @@ -9,11 +9,10 @@ echo "wpscan exited with $wpscan_exit" # wpscan returns a non zero exit code when it finds vulnerabilitys # exit codes 1, 2 ,3 and 4 are errors, 5 means vulnerabilitys were found # see https://github.com/wpscanteam/CMSScanner/blob/master/lib/cms_scanner/exit_code.rb -if [[ $wpscan_exit -eq 1 ]] || [[ $wpscan_exit -eq 2 ]] || [[ $wpscan_exit -eq 3 ]] || [[ $wpscan_exit -eq 4 ]] -then - fake_exit_code=$wpscan_exit +if [[ $wpscan_exit -eq 1 ]] || [[ $wpscan_exit -eq 2 ]] || [[ $wpscan_exit -eq 3 ]] || [[ $wpscan_exit -eq 4 ]]; then + fake_exit_code=$wpscan_exit else - fake_exit_code=0 + fake_exit_code=0 fi -exit $fake_exit_code \ No newline at end of file +exit $fake_exit_code diff --git a/scanners/zap-advanced/examples/demo-bodgeit-scan-authenticated/scan.yaml b/scanners/zap-advanced/examples/demo-bodgeit-scan-authenticated/scan.yaml index ce5e04ec07..c089be246c 100644 --- a/scanners/zap-advanced/examples/demo-bodgeit-scan-authenticated/scan.yaml +++ b/scanners/zap-advanced/examples/demo-bodgeit-scan-authenticated/scan.yaml @@ -118,4 +118,4 @@ spec: volumes: - name: zap-advanced-scan-config configMap: - name: zap-advanced-scan-config \ No newline at end of file + name: zap-advanced-scan-config diff --git a/scanners/zap-advanced/examples/demo-bodgeit-scan-unauthenticated/scan.yaml b/scanners/zap-advanced/examples/demo-bodgeit-scan-unauthenticated/scan.yaml index edf8535d63..51a9422557 100644 --- a/scanners/zap-advanced/examples/demo-bodgeit-scan-unauthenticated/scan.yaml +++ b/scanners/zap-advanced/examples/demo-bodgeit-scan-unauthenticated/scan.yaml @@ -68,4 +68,3 @@ spec: - name: zap-advanced-scan-config configMap: name: zap-advanced-scan-config - diff --git a/scanners/zap-advanced/examples/demo-juiceshop-scan-authenticated/scan.yaml b/scanners/zap-advanced/examples/demo-juiceshop-scan-authenticated/scan.yaml index 7345b240be..b70954de38 100644 --- a/scanners/zap-advanced/examples/demo-juiceshop-scan-authenticated/scan.yaml +++ b/scanners/zap-advanced/examples/demo-juiceshop-scan-authenticated/scan.yaml @@ -132,4 +132,4 @@ spec: volumes: - name: zap-advanced-scan-config configMap: - name: zap-advanced-scan-config \ No newline at end of file + name: zap-advanced-scan-config diff --git a/scanners/zap-advanced/examples/demo-petstoreapi-scan-authenticated-no-hardcoded-urls/scan.yaml b/scanners/zap-advanced/examples/demo-petstoreapi-scan-authenticated-no-hardcoded-urls/scan.yaml index e703bf5d37..69e4fd8b98 100644 --- a/scanners/zap-advanced/examples/demo-petstoreapi-scan-authenticated-no-hardcoded-urls/scan.yaml +++ b/scanners/zap-advanced/examples/demo-petstoreapi-scan-authenticated-no-hardcoded-urls/scan.yaml @@ -47,7 +47,6 @@ data: # Int: The max number of threads per host, default: 2 threadPerHost: 5 - --- apiVersion: "execution.securecodebox.io/v1" kind: Scan diff --git a/scanners/zap-advanced/scanner/docker-compose.demo-apps.yaml b/scanners/zap-advanced/scanner/docker-compose.demo-apps.yaml index 783ef71980..cdae4af962 100644 --- a/scanners/zap-advanced/scanner/docker-compose.demo-apps.yaml +++ b/scanners/zap-advanced/scanner/docker-compose.demo-apps.yaml @@ -46,10 +46,10 @@ services: condition: on-failure ports: - "8000:8080" - environment: - - SWAGGER_BASE_PATH=/v2 - - SWAGGER_HOST=http://localhost:8000 - - SWAGGER_URL=http://localhost:8000 + environment: + - SWAGGER_BASE_PATH=/v2 + - SWAGGER_HOST=http://localhost:8000 + - SWAGGER_URL=http://localhost:8000 # healthcheck: # interval: 1m # retries: 3 @@ -58,4 +58,4 @@ services: # - wget # - --spider # - http://petstore/ - # timeout: 10s \ No newline at end of file + # timeout: 10s diff --git a/scanners/zap-advanced/scanner/docker-compose.test.yaml b/scanners/zap-advanced/scanner/docker-compose.test.yaml index b391e09107..f39b6109ba 100644 --- a/scanners/zap-advanced/scanner/docker-compose.test.yaml +++ b/scanners/zap-advanced/scanner/docker-compose.test.yaml @@ -46,10 +46,10 @@ services: condition: on-failure ports: - "8000:8080" - environment: - - SWAGGER_BASE_PATH=/v2 - - SWAGGER_HOST=http://localhost:8000 - - SWAGGER_URL=http://localhost:8000 + environment: + - SWAGGER_BASE_PATH=/v2 + - SWAGGER_HOST=http://localhost:8000 + - SWAGGER_URL=http://localhost:8000 # healthcheck: # interval: 1m # retries: 3 @@ -71,26 +71,26 @@ services: - "bodgeit:bodgeit" - "juiceshop:juiceshop" - "petstore:petstore" - depends_on: + depends_on: - "bodgeit" - "juiceshop" - "petstore" - volumes: + volumes: - ./scripts/authentication:/home/zap/.ZAP_D/scripts/scripts/authentication - ./scripts/session:/home/zap/.ZAP_D/scripts/scripts/session entrypoint: - - 'zap.sh' - - '-daemon' - - '-port' - - '8090' - - '-host' - - '0.0.0.0' - - '-config' - - 'api.addrs.addr.name=.*' - - '-config' - - 'api.addrs.addr.regex=true' - - '-config' - - 'api.disablekey=true' + - "zap.sh" + - "-daemon" + - "-port" + - "8090" + - "-host" + - "0.0.0.0" + - "-config" + - "api.addrs.addr.name=.*" + - "-config" + - "api.addrs.addr.regex=true" + - "-config" + - "api.disablekey=true" #- '-addonupdate' #- '-addoninstall' #- 'pscanrulesBeta' diff --git a/scanners/zap-advanced/scanner/docker-compose.yaml b/scanners/zap-advanced/scanner/docker-compose.yaml index 036babae32..2769d5539f 100644 --- a/scanners/zap-advanced/scanner/docker-compose.yaml +++ b/scanners/zap-advanced/scanner/docker-compose.yaml @@ -46,10 +46,10 @@ services: condition: on-failure ports: - "8000:8080" - environment: - - SWAGGER_BASE_PATH=/v2 - - SWAGGER_HOST=http://localhost:8000 - - SWAGGER_URL=http://localhost:8000 + environment: + - SWAGGER_BASE_PATH=/v2 + - SWAGGER_HOST=http://localhost:8000 + - SWAGGER_URL=http://localhost:8000 # healthcheck: # interval: 1m # retries: 3 @@ -71,26 +71,26 @@ services: - "bodgeit:bodgeit" - "juiceshop:juiceshop" - "petstore:petstore" - depends_on: + depends_on: - "bodgeit" - "juiceshop" - "petstore" - volumes: + volumes: - ./scripts/authentication:/home/zap/.ZAP_D/scripts/scripts/authentication - ./scripts/session:/home/zap/.ZAP_D/scripts/scripts/session entrypoint: - - 'zap.sh' - - '-daemon' - - '-port' - - '8090' - - '-host' - - '0.0.0.0' - - '-config' - - 'api.addrs.addr.name=.*' - - '-config' - - 'api.addrs.addr.regex=true' - - '-config' - - 'api.disablekey=true' + - "zap.sh" + - "-daemon" + - "-port" + - "8090" + - "-host" + - "0.0.0.0" + - "-config" + - "api.addrs.addr.name=.*" + - "-config" + - "api.addrs.addr.regex=true" + - "-config" + - "api.disablekey=true" #- '-addonupdate' #- '-addoninstall' #- 'pscanrulesBeta' @@ -118,24 +118,31 @@ services: condition: none links: - "zap:zap" - depends_on: + depends_on: - "bodgeit" - "juiceshop" - "zap" - # environment: + # environment: # - SCB_ZAP_CONFIG_DIR="/zap/secureCodeBox-extensions/configs/" - volumes: + volumes: - ./tests/mocks/scan-full-petstore-docker/:/home/securecodebox/configs/ - ./tests/results/:/home/securecodebox/results/ - entrypoint: ['python3', - '-m', 'zapclient', - '--report-type', 'XML', - '--zap-url', 'zap:8090', - '--output-folder', - '/home/securecodebox/results/', - '--config-folder', - '/home/securecodebox/configs/', - '-t', 'http://petstore:8080/'] + entrypoint: + [ + "python3", + "-m", + "zapclient", + "--report-type", + "XML", + "--zap-url", + "zap:8090", + "--output-folder", + "/home/securecodebox/results/", + "--config-folder", + "/home/securecodebox/configs/", + "-t", + "http://petstore:8080/", + ] # healthcheck: # interval: 1m30s # retries: 3 diff --git a/scanners/zap-advanced/scanner/tests/mocks/cascading-scan-full-local/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/cascading-scan-full-local/1_zap-advanced-scan-config.yaml index b156308f89..8c878c09f7 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/cascading-scan-full-local/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/cascading-scan-full-local/1_zap-advanced-scan-config.yaml @@ -14,7 +14,7 @@ global: - pscanrulesBeta - ascanrulesBeta # Sets the mode, which may be one of [safe, protect, standard, attack] - mode: standard + mode: standard # Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). defaultUserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/92.0.4515.159 secureCodeBox/3.1.0" @@ -25,44 +25,44 @@ contexts: # The top level url, mandatory, everything under this will be included # An optional list of regexes to exclude excludePaths: - - ".*socket\\.io.*" - - ".*\\.png" - - ".*\\.jpeg" - - ".*\\.jpg" - - ".*\\.woff" - - ".*\\.woff2" - - ".*\\.ttf" - - ".*\\.ico" + - ".*socket\\.io.*" + - ".*\\.png" + - ".*\\.jpeg" + - ".*\\.jpg" + - ".*\\.woff" + - ".*\\.woff2" + - ".*\\.ttf" + - ".*\\.ico" apis: [] # ZAP Spiders Configuration spiders: -- name: scb-test-spider - # String: Name of the context to spider, default: first context - context: scb-test-context - # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited - maxDuration: 10 - # Int: The maximum tree depth to explore, default 5 - maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree - maxChildren: 10 - # -- Bool: Whether to use the ZAP ajax spider, default: false - ajax: true - # -- Int: Fail if spider finds less than the specified number of URLs, default: 0 - failIfFoundUrlsLessThan: 0 - # -- Int: Warn if spider finds less than the specified number of URLs, default: 0 - warnIfFoundUrlsLessThan: 0 - # -- Bool: Whether the spider will accept cookies, default: true - acceptCookies: true - # -- Bool: Whether the spider will handle OData responses, default: false - handleODataParametersVisited: false - # -- Enum [ignore_completely, ignore_value, use_all]: How query string parameters are used when checking if a URI has already been visited, default: use_all - handleParameters: use_all - # -- Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb - maxParseSizeBytes: 2621440 - # -- Bool: Whether the spider will parse HTML comments in order to find URLs, default: true - parseComments: true + - name: scb-test-spider + # String: Name of the context to spider, default: first context + context: scb-test-context + # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited + maxDuration: 10 + # Int: The maximum tree depth to explore, default 5 + maxDepth: 5 + # Int: The maximum number of children to add to each node in the tree + maxChildren: 10 + # -- Bool: Whether to use the ZAP ajax spider, default: false + ajax: true + # -- Int: Fail if spider finds less than the specified number of URLs, default: 0 + failIfFoundUrlsLessThan: 0 + # -- Int: Warn if spider finds less than the specified number of URLs, default: 0 + warnIfFoundUrlsLessThan: 0 + # -- Bool: Whether the spider will accept cookies, default: true + acceptCookies: true + # -- Bool: Whether the spider will handle OData responses, default: false + handleODataParametersVisited: false + # -- Enum [ignore_completely, ignore_value, use_all]: How query string parameters are used when checking if a URI has already been visited, default: use_all + handleParameters: use_all + # -- Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb + maxParseSizeBytes: 2621440 + # -- Bool: Whether the spider will parse HTML comments in order to find URLs, default: true + parseComments: true # ZAP ActiveScans Configuration scanners: @@ -71,7 +71,7 @@ scanners: context: scb-test-context # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 5 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 120 # Int: The max number of threads per host, default: 2 threadPerHost: 2 @@ -81,7 +81,7 @@ scanners: addQueryParam: false # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false - scanHeadersAllRequests: false \ No newline at end of file + scanHeadersAllRequests: false diff --git a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/1_zap-advanced-scan-type-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/1_zap-advanced-scan-type-config.yaml index a4f16b21b1..db4de5c096 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/1_zap-advanced-scan-type-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/1_zap-advanced-scan-type-config.yaml @@ -5,7 +5,7 @@ --- # List of 1 or more contexts, mandatory contexts: -# Name to be used to refer to this context in other jobs, mandatory + # Name to be used to refer to this context in other jobs, mandatory - name: secureCodeBoxScan-Script-Based # The top level url, mandatory, everything under this will be included url: https://www.secureCodeBox.io/ diff --git a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/2_zap-advanced-scan-type-secret.yaml b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/2_zap-advanced-scan-type-secret.yaml index c6ee3f2595..5c40a62c2b 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/2_zap-advanced-scan-type-secret.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay-secrets/2_zap-advanced-scan-type-secret.yaml @@ -5,7 +5,7 @@ --- # List of 1 or more contexts, mandatory contexts: -# Name to be used to refer to this context in other jobs, mandatory + # Name to be used to refer to this context in other jobs, mandatory - name: secureCodeBoxScan-Script-Based users: - name: "script-based-user-1" diff --git a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay/2_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay/2_zap-advanced-scan-config.yaml index 275ed891d4..ca95bdfd91 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay/2_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/context-with-overlay/2_zap-advanced-scan-config.yaml @@ -188,4 +188,3 @@ contexts: username: "json-based-user-2" password: "json-based-password-2" forced: true - diff --git a/scanners/zap-advanced/scanner/tests/mocks/global/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/global/1_zap-advanced-scan-config.yaml index ab9c1e7439..3b36702284 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/global/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/global/1_zap-advanced-scan-config.yaml @@ -8,7 +8,7 @@ global: # Sets the ZAP Session name sessionName: SCB # Sets the connection time out, in seconds. - timeoutInSeconds: + timeoutInSeconds: # Sets the mode, which may be one of [safe, protect, standard, attack] mode: attack # Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). @@ -29,15 +29,15 @@ global: - localhost # MANDATORY only if proxy.enabled is True. Ignored otherwise. Define if proxy server needs authentication authentication: - # Define if an outgoing proxy server is used with special authentication credentials. - enabled: false - username: "proxy-username" - password: "proxy-password" - realm: "proxy-realm" + # Define if an outgoing proxy server is used with special authentication credentials. + enabled: false + username: "proxy-username" + password: "proxy-password" + realm: "proxy-realm" socks: # Define whether or not the SOCKS proxy should be used. enabled: false - + # Determine if a proxy script must be loaded. Proxy scripts are executed for every request traversing ZAP scripts: - name: "Alert on HTTP Response Code Errors.js" diff --git a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-alert-filter-docker/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-alert-filter-docker/1_zap-advanced-scan-config.yaml index 860e5b40ef..e7fc74dbac 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-alert-filter-docker/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-alert-filter-docker/1_zap-advanced-scan-config.yaml @@ -54,7 +54,7 @@ contexts: newLevel: "False Positive" apis: - # -- The name of the spider configuration + # -- The name of the spider configuration - name: scb-petstore-api # -- The Name of the context (zapConfiguration.contexts[x].name) to spider, default: first context available. context: scb-petstore-context @@ -79,7 +79,7 @@ spiders: maxDuration: 1 # Int: The maximum tree depth to explore, default 5 maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree + # Int: The maximum number of children to add to each node in the tree maxChildren: 10 # # Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb # maxParseSizeBytes: 2621440 @@ -107,9 +107,9 @@ spiders: requestWaitTime: 200 # Bool: Whether the spider will send the referer header, default: true sendRefererHeader: true - # Int: The number of spider threads, default: 2 + # Int: The number of spider threads, default: 2 threadCount: 5 - # String: The user agent to use in requests, default: '' - use the default ZAP one + # String: The user agent to use in requests, default: '' - use the default ZAP one userAgent: "secureCodeBox / ZAP Spider" scanners: @@ -122,7 +122,7 @@ scanners: policy: "API-Minimal" # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 1 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 5 # Int: The max number of threads per host, default: 2 threadPerHost: 5 @@ -132,7 +132,7 @@ scanners: addQueryParam: false # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false scanHeadersAllRequests: false diff --git a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-docker/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-docker/1_zap-advanced-scan-config.yaml index 63e76f4f73..3ba16f5c8e 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-docker/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-docker/1_zap-advanced-scan-config.yaml @@ -40,7 +40,7 @@ contexts: - ".*\\.jpeg" apis: - # -- The name of the spider configuration + # -- The name of the spider configuration - name: scb-petstore-api # -- The Name of the context (zapConfiguration.contexts[x].name) to spider, default: first context available. context: scb-petstore-context @@ -52,9 +52,9 @@ apis: hostOverride: http://petstore:8080 # -- Assumes that the OpenAPI Spec has been saved to a configmap in the namespace of the scan / this release. Should be null if not used. #configMap: null - # Object with two keys: "name" name of the config map, and "key" which is the key / property in the configmap which holds the openapi spec file. - # name: my-configmap-with-openapi-spec - # key: openapi.yaml + # Object with two keys: "name" name of the config map, and "key" which is the key / property in the configmap which holds the openapi spec file. + # name: my-configmap-with-openapi-spec + # key: openapi.yaml # -- Allows to embed the entire yaml / json OpenAPI spec in the values. Should be null if not used. #spec: null scripts: @@ -77,7 +77,7 @@ spiders: maxDuration: 1 # Int: The maximum tree depth to explore, default 5 maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree + # Int: The maximum number of children to add to each node in the tree maxChildren: 10 # # Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb # maxParseSizeBytes: 2621440 @@ -105,9 +105,9 @@ spiders: requestWaitTime: 200 # Bool: Whether the spider will send the referer header, default: true sendRefererHeader: true - # Int: The number of spider threads, default: 2 + # Int: The number of spider threads, default: 2 threadCount: 5 - # String: The user agent to use in requests, default: '' - use the default ZAP one + # String: The user agent to use in requests, default: '' - use the default ZAP one userAgent: "secureCodeBox / ZAP Spider" scanners: @@ -120,7 +120,7 @@ scanners: policy: "API-Minimal" # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 1 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 5 # Int: The max number of threads per host, default: 2 threadPerHost: 5 @@ -130,7 +130,7 @@ scanners: addQueryParam: false # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false scanHeadersAllRequests: false diff --git a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-local/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-local/1_zap-advanced-scan-config.yaml index 6863017d3b..eddfbd46fc 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-local/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-local/1_zap-advanced-scan-config.yaml @@ -32,7 +32,7 @@ contexts: - ".*\\.jpeg" apis: - # -- The name of the spider configuration + # -- The name of the spider configuration - name: scb-petstore-api # -- The Name of the context (zapConfiguration.contexts[x].name) to spider, default: first context available. context: scb-petstore-context @@ -44,9 +44,9 @@ apis: hostOverride: http://localhost:8000 # -- Assumes that the OpenAPI Spec has been saved to a configmap in the namespace of the scan / this release. Should be null if not used. #configMap: null - # Object with two keys: "name" name of the config map, and "key" which is the key / property in the configmap which holds the openapi spec file. - # name: my-configmap-with-openapi-spec - # key: openapi.yaml + # Object with two keys: "name" name of the config map, and "key" which is the key / property in the configmap which holds the openapi spec file. + # name: my-configmap-with-openapi-spec + # key: openapi.yaml # -- Allows to embed the entire yaml / json OpenAPI spec in the values. Should be null if not used. #spec: null @@ -64,7 +64,7 @@ spiders: maxDuration: 1 # Int: The maximum tree depth to explore, default 5 maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree + # Int: The maximum number of children to add to each node in the tree maxChildren: 10 # # Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb # maxParseSizeBytes: 2621440 @@ -92,9 +92,9 @@ spiders: requestWaitTime: 200 # Bool: Whether the spider will send the referer header, default: true sendRefererHeader: true - # Int: The number of spider threads, default: 2 + # Int: The number of spider threads, default: 2 threadCount: 5 - # String: The user agent to use in requests, default: '' - use the default ZAP one + # String: The user agent to use in requests, default: '' - use the default ZAP one userAgent: "secureCodeBox / ZAP Spider" scanners: @@ -107,7 +107,7 @@ scanners: policy: "Default Policy" # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 1 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 5 # Int: The max number of threads per host, default: 2 threadPerHost: 5 @@ -117,7 +117,7 @@ scanners: addQueryParam: false # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false scanHeadersAllRequests: false diff --git a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-relative/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-relative/1_zap-advanced-scan-config.yaml index 7909c7d10d..b897e08cb3 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-relative/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/scan-full-petstore-relative/1_zap-advanced-scan-config.yaml @@ -54,7 +54,7 @@ spiders: maxDuration: 1 # Int: The maximum tree depth to explore, default 5 maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree + # Int: The maximum number of children to add to each node in the tree maxChildren: 10 # # Int: The max size of a response that will be parsed, default: 2621440 - 2.5 Mb # maxParseSizeBytes: 2621440 @@ -82,9 +82,9 @@ spiders: requestWaitTime: 200 # Bool: Whether the spider will send the referer header, default: true sendRefererHeader: true - # Int: The number of spider threads, default: 2 + # Int: The number of spider threads, default: 2 threadCount: 5 - # String: The user agent to use in requests, default: '' - use the default ZAP one + # String: The user agent to use in requests, default: '' - use the default ZAP one userAgent: "secureCodeBox / ZAP Spider" scanners: @@ -95,7 +95,7 @@ scanners: policy: "Default Policy" # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 1 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 5 # Int: The max number of threads per host, default: 2 threadPerHost: 5 @@ -105,7 +105,7 @@ scanners: addQueryParam: false # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false scanHeadersAllRequests: false diff --git a/scanners/zap-advanced/scanner/tests/mocks/scan-full-secureCodeBox.io/1_zap-advanced-scan-config.yaml b/scanners/zap-advanced/scanner/tests/mocks/scan-full-secureCodeBox.io/1_zap-advanced-scan-config.yaml index 604afe3524..287175cc05 100644 --- a/scanners/zap-advanced/scanner/tests/mocks/scan-full-secureCodeBox.io/1_zap-advanced-scan-config.yaml +++ b/scanners/zap-advanced/scanner/tests/mocks/scan-full-secureCodeBox.io/1_zap-advanced-scan-config.yaml @@ -34,7 +34,7 @@ spiders: maxDuration: 0 # Int: The maximum tree depth to explore, default 5 maxDepth: 5 - # Int: The maximum number of children to add to each node in the tree + # Int: The maximum number of children to add to each node in the tree maxChildren: 10 # Bool: Whether the spider will accept cookies, default: true acceptCookies: true @@ -62,9 +62,9 @@ spiders: requestWaitTime: 200 # Bool: Whether the spider will send the referer header, default: true sendRefererHeader: true - # Int: The number of spider threads, default: 2 + # Int: The number of spider threads, default: 2 threadCount: 2 - # String: The user agent to use in requests, default: '' - use the default ZAP one + # String: The user agent to use in requests, default: '' - use the default ZAP one userAgent: "secureCodeBox / ZAP Spider" scanners: @@ -77,7 +77,7 @@ scanners: policy: "Default Policy" # Int: The max time in minutes any individual rule will be allowed to run for, default: 0 unlimited maxRuleDurationInMins: 0 - # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited + # Int: The max time in minutes the active scanner will be allowed to run for, default: 0 unlimited maxScanDurationInMins: 0 # Bool: If set will add an extra query parameter to requests that do not have one, default: false addQueryParam: false @@ -87,9 +87,9 @@ scanners: delayInMs: 0 # Bool: If set then automatically handle anti CSRF tokens, default: false handleAntiCSRFTokens: false - # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false + # Bool: If set then the relevant rule Id will be injected into the X-ZAP-Scan-ID header of each request, default: false injectPluginIdInHeader: false # Bool: If set then the headers of requests that do not include any parameters will be scanned, default: false scanHeadersAllRequests: false # Int: The max number of threads per host, default: 2 - threadPerHost: 2 \ No newline at end of file + threadPerHost: 2 diff --git a/scanners/zap-advanced/scanner/tests/test_integration_docker_local.py b/scanners/zap-advanced/scanner/tests/test_integration_docker_local.py index 3f335f53cc..710d744edf 100644 --- a/scanners/zap-advanced/scanner/tests/test_integration_docker_local.py +++ b/scanners/zap-advanced/scanner/tests/test_integration_docker_local.py @@ -6,16 +6,15 @@ # -*- coding: utf-8 -*- +import logging import os + import pytest import requests -import logging -import pytest - -from zapv2 import ZAPv2 from requests.exceptions import ConnectionError - from zapclient.zap_automation import ZapAutomation +from zapv2 import ZAPv2 + def is_responsive(url): try: @@ -25,10 +24,12 @@ def is_responsive(url): except ConnectionError: return False + @pytest.fixture(scope="session") def docker_compose_file(pytestconfig): return os.path.join(str(pytestconfig.rootdir), "", "docker-compose.test.yaml") + @pytest.fixture(scope="session") def get_bodgeit_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -41,6 +42,7 @@ def get_bodgeit_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_juiceshop_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -53,6 +55,7 @@ def get_juiceshop_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_petstore_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -65,6 +68,7 @@ def get_petstore_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_zap_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -77,29 +81,30 @@ def get_zap_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") -def get_zap_instance(get_zap_url) -> ZAPv2: - +def get_zap_instance(get_zap_url) -> ZAPv2: + # MANDATORY. Define the API key generated by ZAP and used to verify actions. - apiKey = 'eor898q1luuq8054e0e5r9s3jh' + apiKey = "eor898q1luuq8054e0e5r9s3jh" # MANDATORY. Define the listening address of ZAP instance - localProxy = { - "http": get_zap_url, - "https": get_zap_url.replace("http", "https") - } + localProxy = {"http": get_zap_url, "https": get_zap_url.replace("http", "https")} - logging.info('Configuring ZAP Instance with %s', localProxy) + logging.info("Configuring ZAP Instance with %s", localProxy) # Connect ZAP API client to the listening address of ZAP instance zap = ZAPv2(proxies=localProxy, apikey=apiKey) return zap + @pytest.mark.integrationtest -def test_all_services_available(get_bodgeit_url, get_juiceshop_url, get_zap_url, get_petstore_url): +def test_all_services_available( + get_bodgeit_url, get_juiceshop_url, get_zap_url, get_petstore_url +): response = requests.get(get_bodgeit_url + "/bodgeit/") assert response.status_code == 200 - + response = requests.get(get_juiceshop_url + "/#/") assert response.status_code == 200 @@ -109,6 +114,7 @@ def test_all_services_available(get_bodgeit_url, get_juiceshop_url, get_zap_url, response = requests.get(get_zap_url + "/UI/core/") assert response.status_code == 200 + # @pytest.mark.integrationtest # def test_bodgeit_scan_without_config(get_bodgeit_url, get_zap_instance: ZAPv2): @@ -119,13 +125,14 @@ def test_all_services_available(get_bodgeit_url, get_juiceshop_url, get_zap_url, # zap_automation = ZapAutomation(zap=zap, config_dir="", target=test_target) # zap_automation.scan_target(target=test_target) - + # alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) # logging.info('Found ZAP Alerts: %d', len(alerts)) # assert int(len(alerts)) >= 4 + @pytest.mark.integrationtest def test_bodgeit_scan_with_config(get_bodgeit_url, get_zap_instance: ZAPv2): @@ -135,91 +142,106 @@ def test_bodgeit_scan_with_config(get_bodgeit_url, get_zap_instance: ZAPv2): logging.warning("get_bodgeit_url: %s", get_bodgeit_url) - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) assert int(len(alerts)) >= 4 - + + # @pytest.mark.integrationtest # def test_juiceshop_scan_without_config(get_juiceshop_url, get_zap_instance: ZAPv2): - + # zap = get_zap_instance # test_target = "http://juiceshop:3000/" # zap_automation = ZapAutomation(zap=zap, config_dir="", target=test_target) # zap_automation.scan_target(target=test_target) - + # alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) # logging.info('Found ZAP Alerts: %d', len(alerts)) # assert int(len(alerts)) >= 2 + @pytest.mark.integrationtest def test_juiceshop_scan_with_config(get_juiceshop_url, get_zap_instance: ZAPv2): - + zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-juiceshop-docker/" test_target = "http://juiceshop:3000/" - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) assert int(len(alerts)) >= 2 + @pytest.mark.integrationtest def test_petstore_scan_with_config(get_petstore_url, get_zap_instance: ZAPv2): zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-petstore-docker/" test_target = "http://petstore:8080/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) assert int(len(alerts)) >= 1 + @pytest.mark.integrationtest def test_petstore_scan_with_relative_config(get_petstore_url, get_zap_instance: ZAPv2): zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-petstore-relative/" test_target = "http://petstore:8080/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) assert int(len(alerts)) >= 1 + @pytest.mark.integrationtest def test_petstore_scan_with_alert_filters(get_petstore_url, get_zap_instance: ZAPv2): zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-petstore-alert-filter-docker/" test_target = "http://petstore:8080/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) # should normally be 13 alerts but most of them are ignored using alertFilters in the scan config assert int(len(alerts)) > 1 and int(len(alerts)) < 10 diff --git a/scanners/zap-advanced/scanner/tests/test_integration_zap_local.py b/scanners/zap-advanced/scanner/tests/test_integration_zap_local.py index 46176250e7..4f4a6813c5 100644 --- a/scanners/zap-advanced/scanner/tests/test_integration_zap_local.py +++ b/scanners/zap-advanced/scanner/tests/test_integration_zap_local.py @@ -6,16 +6,15 @@ # -*- coding: utf-8 -*- +import logging import os + import pytest import requests -import logging -import pytest - -from zapv2 import ZAPv2 from requests.exceptions import ConnectionError - from zapclient.zap_automation import ZapAutomation +from zapv2 import ZAPv2 + def is_responsive(url): try: @@ -25,10 +24,12 @@ def is_responsive(url): except ConnectionError: return False + @pytest.fixture(scope="session") def docker_compose_file(pytestconfig): return os.path.join(str(pytestconfig.rootdir), "", "docker-compose.test.yaml") + @pytest.fixture(scope="session") def get_bodgeit_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -41,6 +42,7 @@ def get_bodgeit_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_juiceshop_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -53,6 +55,7 @@ def get_juiceshop_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_petstore_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -65,6 +68,7 @@ def get_petstore_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") def get_zap_url(docker_ip, docker_services): """Ensure that HTTP service is up and responsive.""" @@ -77,29 +81,30 @@ def get_zap_url(docker_ip, docker_services): ) return url + @pytest.fixture(scope="session") -def get_zap_instance(docker_ip, docker_services, get_zap_url) -> ZAPv2: - +def get_zap_instance(docker_ip, docker_services, get_zap_url) -> ZAPv2: + # MANDATORY. Define the API key generated by ZAP and used to verify actions. - apiKey = 'eor898q1luuq8054e0e5r9s3jh' + apiKey = "eor898q1luuq8054e0e5r9s3jh" # MANDATORY. Define the listening address of ZAP instance - localProxy = { - "http": "http://127.0.0.1:8010", - "https": "http://127.0.0.1:8010" - } + localProxy = {"http": "http://127.0.0.1:8010", "https": "http://127.0.0.1:8010"} - logging.info('Configuring ZAP Instance with %s', localProxy) + logging.info("Configuring ZAP Instance with %s", localProxy) # Connect ZAP API client to the listening address of ZAP instance zap = ZAPv2(proxies=localProxy, apikey=apiKey) return zap + @pytest.mark.integrationtest -def test_all_services_available(get_bodgeit_url, get_juiceshop_url, get_petstore_url, get_zap_url): +def test_all_services_available( + get_bodgeit_url, get_juiceshop_url, get_petstore_url, get_zap_url +): response = requests.get(get_bodgeit_url + "/bodgeit/") assert response.status_code == 200 - + response = requests.get(get_juiceshop_url + "/#/") assert response.status_code == 200 @@ -109,22 +114,26 @@ def test_all_services_available(get_bodgeit_url, get_juiceshop_url, get_petstore response = requests.get(get_zap_url + "/UI/core/") assert response.status_code == 200 + @pytest.mark.integrationtest def test_global_config(get_zap_instance: ZAPv2): zap = get_zap_instance test_target = "http://www.secureCodeBox.io/" test_config_yaml = "./tests/mocks/global/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) assert int(len(alerts)) >= 1 + @pytest.mark.integrationtest def test_scan_target_without_config(get_zap_instance: ZAPv2): @@ -134,85 +143,97 @@ def test_scan_target_without_config(get_zap_instance: ZAPv2): zap_automation = ZapAutomation(zap=zap, config_dir="", target=test_target) zap_automation.scan_target(target=test_target) + # @pytest.mark.integrationtest # def test_bodgeit_scan_without_config(get_bodgeit_url, get_zap_instance: ZAPv2): # zap = get_zap_instance # test_target = "http://localhost:8080/bodgeit/" - + # zap_automation = ZapAutomation(zap=zap, config_dir="", target=test_target) # zap_automation.scan_target(target=test_target) - + # alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) # logging.info('Found ZAP Alerts: %s', str(len(alerts))) # assert int(len(alerts)) >= 4 + @pytest.mark.integrationtest def test_bodgeit_scan_with_config(get_bodgeit_url, get_zap_instance: ZAPv2): zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-bodgeit-local/" test_target = "http://localhost:8080/bodgeit/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %s', str(len(alerts))) + logging.info("Found ZAP Alerts: %s", str(len(alerts))) assert int(len(alerts)) >= 4 - + + # @pytest.mark.integrationtest # def test_juiceshop_scan_without_config(get_juiceshop_url, get_zap_instance: ZAPv2): - + # zap = get_zap_instance # test_config_yaml = "./tests/mocks/scan-full-juiceshop-local/" # test_target = "http://localhost:3000/" - + # zap_automation = ZapAutomation(zap=zap, config_dir="", target=test_target) # zap_automation.scan_target(target=test_target) - + # alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) # logging.info('Found ZAP Alerts: %s', str(len(alerts))) - + # assert int(len(alerts)) >= 2 + @pytest.mark.integrationtest def test_juiceshop_scan_with_config(get_juiceshop_url, get_zap_instance: ZAPv2): - + zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-juiceshop-local/" test_target = "http://localhost:3000/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %s', str(len(alerts))) - + logging.info("Found ZAP Alerts: %s", str(len(alerts))) + assert int(len(alerts)) >= 2 + @pytest.mark.integrationtest def test_petstore_scan_with_config(get_petstore_url, get_zap_instance: ZAPv2): zap = get_zap_instance test_config_yaml = "./tests/mocks/scan-full-petstore-local/" test_target = "http://localhost:8000/" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target) + + zap_automation = ZapAutomation( + zap=zap, config_dir=test_config_yaml, target=test_target + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %s', str(len(alerts))) + logging.info("Found ZAP Alerts: %s", str(len(alerts))) assert int(len(alerts)) >= 1 + @pytest.mark.integrationtest def test_petstore_scan_with_relative_config(get_petstore_url, get_zap_instance: ZAPv2): @@ -220,16 +241,22 @@ def test_petstore_scan_with_relative_config(get_petstore_url, get_zap_instance: test_config_yaml = "./tests/mocks/scan-full-petstore-relative/" test_target = "http://localhost:8000/" test_context = "scb-petstore-context" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target, forced_context=test_context) + + zap_automation = ZapAutomation( + zap=zap, + config_dir=test_config_yaml, + target=test_target, + forced_context=test_context, + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %s', str(len(alerts))) + logging.info("Found ZAP Alerts: %s", str(len(alerts))) assert int(len(alerts)) >= 1 + @pytest.mark.integrationtest def test_cascading_scan_config(get_zap_instance: ZAPv2): @@ -237,12 +264,17 @@ def test_cascading_scan_config(get_zap_instance: ZAPv2): test_target = "http://localhost:8080/bodgeit/" test_config_yaml = "./tests/mocks/cascading-scan-full-local/" test_context = "scb-test-context" - - zap_automation = ZapAutomation(zap=zap, config_dir=test_config_yaml, target=test_target, forced_context=test_context) + + zap_automation = ZapAutomation( + zap=zap, + config_dir=test_config_yaml, + target=test_target, + forced_context=test_context, + ) zap_automation.scan_target(target=test_target) - + alerts = zap_automation.get_zap_scanner.get_alerts(test_target, [], []) - logging.info('Found ZAP Alerts: %d', len(alerts)) + logging.info("Found ZAP Alerts: %d", len(alerts)) - assert int(len(alerts)) >= 1 \ No newline at end of file + assert int(len(alerts)) >= 1 diff --git a/scanners/zap-advanced/scanner/tests/test_zap_configuration.py b/scanners/zap-advanced/scanner/tests/test_zap_configuration.py index 3b1ec7a059..7dca9787c8 100644 --- a/scanners/zap-advanced/scanner/tests/test_zap_configuration.py +++ b/scanners/zap-advanced/scanner/tests/test_zap_configuration.py @@ -6,19 +6,18 @@ # -*- coding: utf-8 -*- -import pytest - -from unittest.mock import MagicMock, Mock from unittest import TestCase +from unittest.mock import MagicMock, Mock +import pytest from zapclient.configuration.zap_configuration import ZapConfiguration -class ZapConfigurationTests(TestCase): +class ZapConfigurationTests(TestCase): @pytest.mark.unit def test_always_passes(self): self.assertTrue(True) - + @pytest.mark.unit def test_empty_config_path(self): config = ZapConfiguration("", "https://example.com") @@ -31,53 +30,73 @@ def test_corrupt_config_path(self): @pytest.mark.unit def test_existing_config_path(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNotNone(config.get_active_context_config) - + @pytest.mark.unit def test_empty_config_folder(self): - config = ZapConfiguration("./tests/mocks/empty/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/empty/", "https://www.secureCodeBox.io/" + ) self.assertIsNone(config.get_active_context_config) - + @pytest.mark.unit def test_empty_config_file(self): - config = ZapConfiguration("./tests/mocks/empty-files/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/empty-files/", "https://www.secureCodeBox.io/" + ) self.assertIsNone(config.get_active_context_config) - + @pytest.mark.unit def test_config_context_without_overlay(self): - config = ZapConfiguration("./tests/mocks/context-without-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-without-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNotNone(config.get_active_context_config) - + @pytest.mark.unit def test_config_context_with_overlay(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNotNone(config.get_active_context_config) @pytest.mark.unit def test_returns_the_current_context_correctly(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) context = config.get_active_context_config self.assertIsNotNone(context) self.assertEqual(context["name"], "secureCodeBoxScanType-NoAuth") - + @pytest.mark.unit def test_has_spider_configurations(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNotNone(config.get_active_context_config) self.assertIsNone(config.get_active_spider_config) - config = ZapConfiguration("./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/bodgeit/") + config = ZapConfiguration( + "./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/bodgeit/" + ) self.assertIsNotNone(config.get_active_context_config) self.assertIsNotNone(config.get_active_spider_config) - + @pytest.mark.unit def test_has_scan_configurations(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNotNone(config.get_active_context_config) self.assertIsNone(config.get_active_spider_config) - - config = ZapConfiguration("./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/bodgeit/") + + config = ZapConfiguration( + "./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/bodgeit/" + ) self.assertIsNotNone(config.get_active_context_config) self.assertIsNotNone(config.get_active_spider_config) @@ -86,7 +105,8 @@ def test_has_scan_configurations(self): config = ZapConfiguration( "./tests/mocks/context-using-forced-context/", "http://test.example.com", - forced_context="scb-test-context") + forced_context="scb-test-context", + ) self.assertIsNotNone(config.get_active_context_config) self.assertEqual("scb-test-context", config.get_active_context_config["name"]) diff --git a/scanners/zap-advanced/scanner/tests/test_zap_context.py b/scanners/zap-advanced/scanner/tests/test_zap_context.py index c9fb74eb94..68733ac700 100644 --- a/scanners/zap-advanced/scanner/tests/test_zap_context.py +++ b/scanners/zap-advanced/scanner/tests/test_zap_context.py @@ -6,18 +6,16 @@ # -*- coding: utf-8 -*- -import pytest - -from unittest.mock import MagicMock, Mock, patch from unittest import TestCase +from unittest.mock import MagicMock, Mock, patch -from zapv2 import ZAPv2 - +import pytest from zapclient.configuration import ZapConfiguration from zapclient.context.zap_context import ZapConfigureContext +from zapv2 import ZAPv2 -class ZapScannerTests(TestCase): +class ZapScannerTests(TestCase): @pytest.mark.unit def test_context_empty(self): pass @@ -28,4 +26,3 @@ def test_context_empty(self): # testobject = ZapConfigureContext(mock_zap, mock_config) # testobject.configure_contexts() - diff --git a/scanners/zap-advanced/scanner/tests/test_zap_scanner_active.py b/scanners/zap-advanced/scanner/tests/test_zap_scanner_active.py index 394b86f52d..0df3b89748 100644 --- a/scanners/zap-advanced/scanner/tests/test_zap_scanner_active.py +++ b/scanners/zap-advanced/scanner/tests/test_zap_scanner_active.py @@ -6,20 +6,23 @@ # -*- coding: utf-8 -*- -import pytest - -from unittest.mock import MagicMock, Mock from unittest import TestCase +from unittest.mock import MagicMock, Mock +import pytest from zapclient.configuration import ZapConfiguration from zapclient.scanner.zap_scanner_active import ZapConfigureActiveScanner -class ZapConfigurationTests(TestCase): +class ZapConfigurationTests(TestCase): @pytest.mark.unit def test_has_scan_configurations(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNone(config.get_active_scanner_config) - - config = ZapConfiguration("./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/") + + config = ZapConfiguration( + "./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/" + ) self.assertIsNotNone(config.get_active_scanner_config) diff --git a/scanners/zap-advanced/scanner/tests/test_zap_spider_ajax.py b/scanners/zap-advanced/scanner/tests/test_zap_spider_ajax.py index 622635fdf2..cdbb6d572e 100644 --- a/scanners/zap-advanced/scanner/tests/test_zap_spider_ajax.py +++ b/scanners/zap-advanced/scanner/tests/test_zap_spider_ajax.py @@ -6,20 +6,23 @@ # -*- coding: utf-8 -*- -import pytest - -from unittest.mock import MagicMock, Mock from unittest import TestCase +from unittest.mock import MagicMock, Mock +import pytest from zapclient.configuration import ZapConfiguration from zapclient.spider.zap_spider_ajax import ZapConfigureSpiderAjax -class ZapSpiderAjaxTests(TestCase): +class ZapSpiderAjaxTests(TestCase): @pytest.mark.unit def test_has_spider_configurations(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNone(config.get_active_spider_config) - config = ZapConfiguration("./tests/mocks/scan-full-juiceshop-docker/", "http://juiceshop:3000/") + config = ZapConfiguration( + "./tests/mocks/scan-full-juiceshop-docker/", "http://juiceshop:3000/" + ) self.assertIsNotNone(config.get_active_spider_config) diff --git a/scanners/zap-advanced/scanner/tests/test_zap_spider_http.py b/scanners/zap-advanced/scanner/tests/test_zap_spider_http.py index 6e7b6db828..43ce4efa99 100644 --- a/scanners/zap-advanced/scanner/tests/test_zap_spider_http.py +++ b/scanners/zap-advanced/scanner/tests/test_zap_spider_http.py @@ -6,19 +6,22 @@ # -*- coding: utf-8 -*- -import pytest - -from unittest.mock import MagicMock, Mock from unittest import TestCase +from unittest.mock import MagicMock, Mock +import pytest from zapclient.configuration import ZapConfiguration -class ZapSpiderHttpTests(TestCase): +class ZapSpiderHttpTests(TestCase): @pytest.mark.unit def test_has_spider_configurations(self): - config = ZapConfiguration("./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/") + config = ZapConfiguration( + "./tests/mocks/context-with-overlay/", "https://www.secureCodeBox.io/" + ) self.assertIsNone(config.get_active_spider_config) - config = ZapConfiguration("./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/") + config = ZapConfiguration( + "./tests/mocks/scan-full-bodgeit-docker/", "http://bodgeit:8080/" + ) self.assertIsNotNone(config.get_active_spider_config) diff --git a/scanners/zap-advanced/scanner/zapclient/__init__.py b/scanners/zap-advanced/scanner/zapclient/__init__.py index ffac4e0e09..2295d64dd1 100644 --- a/scanners/zap-advanced/scanner/zapclient/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/__init__.py @@ -7,6 +7,6 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to automate ZAP. """ -__all__ = ['zap_abstract_client'] +__all__ = ["zap_abstract_client"] -from .zap_abstract_client import ZapClient \ No newline at end of file +from .zap_abstract_client import ZapClient diff --git a/scanners/zap-advanced/scanner/zapclient/__main__.py b/scanners/zap-advanced/scanner/zapclient/__main__.py index 138b0badd7..3569df17e9 100644 --- a/scanners/zap-advanced/scanner/zapclient/__main__.py +++ b/scanners/zap-advanced/scanner/zapclient/__main__.py @@ -13,23 +13,26 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) + +logging = logging.getLogger("zapclient") -logging = logging.getLogger('zapclient') def main(): args = get_parser_args() if args.target is None or len(args.target) <= 0: - logging.info('Argument error: No target specified!') + logging.info("Argument error: No target specified!") sys.exit(1) process(args) # logging.info('Write findings to file...') # write_findings_to_file(args.output_folder, findings) - logging.info('Finished :-) !') + logging.info("Finished :-) !") + def process(args): @@ -38,88 +41,108 @@ def process(args): api_key = args.api_key # MANDATORY. Define the listening address of ZAP instance - zap_proxy = { - "http": "http://127.0.0.1:8080", - "https": "http://127.0.0.1:8080" - } + zap_proxy = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"} if args.zap_url is not None and len(args.zap_url) > 0: zap_proxy = { "http": "http://" + args.zap_url, - "https": "http://" + args.zap_url + "https": "http://" + args.zap_url, } - - logging.info(':: Configuring ZAP Instance with %s', zap_proxy) + + logging.info(":: Configuring ZAP Instance with %s", zap_proxy) # Connect ZAP API client to the listening address of ZAP instance zap = ZAPv2(proxies=zap_proxy, apikey=api_key) - logging.info(':: Starting SCB ZAP Automation Framework with config %s', args.config_folder) + logging.info( + ":: Starting SCB ZAP Automation Framework with config %s", args.config_folder + ) zap_automation = ZapAutomation( zap=zap, config_dir=args.config_folder, target=args.target, - forced_context=args.context) - + forced_context=args.context, + ) + try: - logging.info(':: Starting SCB ZAP Scan with target %s', args.target) + logging.info(":: Starting SCB ZAP Scan with target %s", args.target) zap_automation.scan_target(target=args.target) alerts = zap_automation.get_zap_scanner.get_alerts(args.target, [], []) - logging.info(':: Found ZAP Alerts: %s', str(len(alerts))) + logging.info(":: Found ZAP Alerts: %s", str(len(alerts))) summary = zap.alert.alerts_summary(baseurl=args.target) - logging.info(':: ZAP Alerts Summary: %s', str(summary)) + logging.info(":: ZAP Alerts Summary: %s", str(summary)) - zap_automation.generate_report_file(file_path=args.output_folder, report_type=args.report_type) + zap_automation.generate_report_file( + file_path=args.output_folder, report_type=args.report_type + ) zap_automation.zap_shutdown() - logging.info(':: Finished !') + logging.info(":: Finished !") except argparse.ArgumentError as e: - logging.exception(f'Argument error: {e}') + logging.exception(f"Argument error: {e}") sys.exit(1) except Exception as e: - logging.exception(f'Unexpected error: {e}') + logging.exception(f"Unexpected error: {e}") zap_automation.zap_shutdown() sys.exit(3) + def get_parser_args(args=None): - parser = argparse.ArgumentParser(prog='zap-client', - description='OWASP secureCodeBox OWASP ZAP Client (can be used to automate OWASP ZAP instances based on YAML configuration files.)') - parser.add_argument("-z", - "--zap-url", - help='The ZAP API Url used to call the ZAP API.', - default=None, - required=True), - parser.add_argument("-a", - "--api-key", - help='The ZAP API Key used to call the ZAP API.', - default=None, - required=False), - parser.add_argument("-c", - "--config-folder", - help='The path to a local folder containing the additional ZAP configuration YAMLs used to configure OWASP ZAP.', - default='/home/securecodebox/configs/', - required=False) - parser.add_argument("-t", - "--target", - help="The target to scan with OWASP ZAP.", - default=None, - required=True), - parser.add_argument("--context", - help="The name of the context to use. Has to be included in the config file(s).", - default=None), - parser.add_argument("-o", - "--output-folder", - help='The path to a local folder used to store the output files, eg. the ZAP Report or logfiles.', - default='./', - required=False) - parser.add_argument("-r", - "--report-type", - help='The OWASP ZAP Report Type.', - choices=['XML', 'JSON', 'HTML', 'MD'], - default=None, - required=False) + parser = argparse.ArgumentParser( + prog="zap-client", + description="OWASP secureCodeBox OWASP ZAP Client (can be used to automate OWASP ZAP instances based on YAML configuration files.)", + ) + parser.add_argument( + "-z", + "--zap-url", + help="The ZAP API Url used to call the ZAP API.", + default=None, + required=True, + ), + parser.add_argument( + "-a", + "--api-key", + help="The ZAP API Key used to call the ZAP API.", + default=None, + required=False, + ), + parser.add_argument( + "-c", + "--config-folder", + help="The path to a local folder containing the additional ZAP configuration YAMLs used to configure OWASP ZAP.", + default="/home/securecodebox/configs/", + required=False, + ) + parser.add_argument( + "-t", + "--target", + help="The target to scan with OWASP ZAP.", + default=None, + required=True, + ), + parser.add_argument( + "--context", + help="The name of the context to use. Has to be included in the config file(s).", + default=None, + ), + parser.add_argument( + "-o", + "--output-folder", + help="The path to a local folder used to store the output files, eg. the ZAP Report or logfiles.", + default="./", + required=False, + ) + parser.add_argument( + "-r", + "--report-type", + help="The OWASP ZAP Report Type.", + choices=["XML", "JSON", "HTML", "MD"], + default=None, + required=False, + ) return parser.parse_args(args) -if __name__ == '__main__': + +if __name__ == "__main__": main() diff --git a/scanners/zap-advanced/scanner/zapclient/api/__init__.py b/scanners/zap-advanced/scanner/zapclient/api/__init__.py index 3bba5e4a74..d67f40c134 100644 --- a/scanners/zap-advanced/scanner/zapclient/api/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/api/__init__.py @@ -7,6 +7,6 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to automate ZAP API scans. """ -__all__ = ['zap_api'] +__all__ = ["zap_api"] -from .zap_api import ZapConfigureApi \ No newline at end of file +from .zap_api import ZapConfigureApi diff --git a/scanners/zap-advanced/scanner/zapclient/api/zap_api.py b/scanners/zap-advanced/scanner/zapclient/api/zap_api.py index 4e01e96c74..93bbd10873 100644 --- a/scanners/zap-advanced/scanner/zapclient/api/zap_api.py +++ b/scanners/zap-advanced/scanner/zapclient/api/zap_api.py @@ -6,14 +6,13 @@ # -*- coding: utf-8 -*- +import collections import json +import logging import urllib +from urllib.parse import urlparse import requests -import collections -import logging - -from urllib.parse import urlparse from zapv2 import ZAPv2 from .. import ZapClient @@ -22,22 +21,23 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureApi') +logging = logging.getLogger("ZapConfigureApi") class ZapConfigureApi(ZapClient): """This class configures a Api scan in a running ZAP instance, based on a ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class. - + Parameters ---------- zap : ZAPv2 @@ -47,26 +47,36 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """ super().__init__(zap, config) - + self.__api_config = None # if at least one ZAP Context is defined start to configure the running ZAP instance (`zap`) accordingly - if self.get_config.has_configurations and self.get_config.get_active_api_config is not None: + if ( + self.get_config.has_configurations + and self.get_config.get_active_api_config is not None + ): logging.debug( - 'Configure API Import with: %s', - self.get_config.get_active_api_config + "Configure API Import with: %s", self.get_config.get_active_api_config ) else: - logging.warning("No valid ZAP configuration object found: %s! It seems there is something important missing.", config) + logging.warning( + "No valid ZAP configuration object found: %s! It seems there is something important missing.", + config, + ) @property def get_api_config(self) -> collections.OrderedDict: - """ Returns the spider config of the currently running ZAP instance. """ + """Returns the spider config of the currently running ZAP instance.""" return self.__api_config - - def start_api_import(self, url: str, context: collections.OrderedDict, api_config: collections.OrderedDict): - """ Starts a ZAP Api scan for the given target, based on the given configuration and ZAP instance. - + + def start_api_import( + self, + url: str, + context: collections.OrderedDict, + api_config: collections.OrderedDict, + ): + """Starts a ZAP Api scan for the given target, based on the given configuration and ZAP instance. + Parameters ---------- url: str @@ -77,19 +87,26 @@ def start_api_import(self, url: str, context: collections.OrderedDict, api_confi Active api_config that should be used for the api import """ - logging.debug('Trying to configure the API Scan') + logging.debug("Trying to configure the API Scan") self.configure_scripts(config=api_config) logging.info("Trying to start API Import with target url: '%s'", url) - if (api_config is None) or "format" not in api_config or api_config["format"] != 'openapi': - logging.info("No complete API definition configured (format: openapi): %s!", api_config) + if ( + (api_config is None) + or "format" not in api_config + or api_config["format"] != "openapi" + ): + logging.info( + "No complete API definition configured (format: openapi): %s!", + api_config, + ) return if "url" not in api_config and "path" not in api_config: logging.warning( "API Config section '%s' has neither a 'url' or a 'path' configured. It will be skipped", - api_config["name"] + api_config["name"], ) return @@ -98,16 +115,27 @@ def start_api_import(self, url: str, context: collections.OrderedDict, api_confi if "url" in api_config: api_spec_url = api_config["url"] elif "path" in api_config: - logging.info('Building OpenAPI Spec from path (%s) and the target url (%s)', api_config["path"], url) - api_spec_url = urllib.parse.urlparse(url)._replace(path=api_config["path"]).geturl() + logging.info( + "Building OpenAPI Spec from path (%s) and the target url (%s)", + api_config["path"], + url, + ) + api_spec_url = ( + urllib.parse.urlparse(url)._replace(path=api_config["path"]).geturl() + ) - logging.info('Import OpenAPI Spec from (%s)', api_spec_url) + logging.info("Import OpenAPI Spec from (%s)", api_spec_url) if "hostOverride" in api_config: - result = self.get_zap.openapi.import_url(api_spec_url, api_config["hostOverride"]) + result = self.get_zap.openapi.import_url( + api_spec_url, api_config["hostOverride"] + ) else: - logging.warning("No 'hostOverride' configured for target %s. Defaulting for target as override.", url) + logging.warning( + "No 'hostOverride' configured for target %s. Defaulting for target as override.", + url, + ) result = self.get_zap.openapi.import_url(api_spec_url, url) urls = self.get_zap.core.urls() - logging.info('Number of Imported URLs: %d', len(urls)) - logging.debug('Import warnings: %s', str(result)) + logging.info("Number of Imported URLs: %d", len(urls)) + logging.debug("Import warnings: %s", str(result)) diff --git a/scanners/zap-advanced/scanner/zapclient/configuration/__init__.py b/scanners/zap-advanced/scanner/zapclient/configuration/__init__.py index 125e6202b4..e30976aa1c 100644 --- a/scanners/zap-advanced/scanner/zapclient/configuration/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/configuration/__init__.py @@ -7,6 +7,6 @@ A Python package containing secureCodeBox specific ZAPv2 Client configuration parsing based on a YAML format. """ -__all__ = ['zap_configuration'] +__all__ = ["zap_configuration"] from .zap_configuration import ZapConfiguration diff --git a/scanners/zap-advanced/scanner/zapclient/configuration/helpers/__init__.py b/scanners/zap-advanced/scanner/zapclient/configuration/helpers/__init__.py index 9f130a741e..deb792a856 100644 --- a/scanners/zap-advanced/scanner/zapclient/configuration/helpers/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/configuration/helpers/__init__.py @@ -2,6 +2,6 @@ # # SPDX-License-Identifier: Apache-2.0 -__all__ = ['zap_configuration_context_users'] +__all__ = ["zap_configuration_context_users"] from .zap_configuration_context_users import ZapConfigurationContextUsers diff --git a/scanners/zap-advanced/scanner/zapclient/configuration/helpers/zap_configuration_context_users.py b/scanners/zap-advanced/scanner/zapclient/configuration/helpers/zap_configuration_context_users.py index 61906710ad..4bf42a0b8e 100644 --- a/scanners/zap-advanced/scanner/zapclient/configuration/helpers/zap_configuration_context_users.py +++ b/scanners/zap-advanced/scanner/zapclient/configuration/helpers/zap_configuration_context_users.py @@ -13,7 +13,9 @@ class ZapConfigurationContextUsers: """Helper class to grab user related configs from a context""" @staticmethod - def get_context_user_by_name(context: collections.OrderedDict, name: str) -> collections.OrderedDict: + def get_context_user_by_name( + context: collections.OrderedDict, name: str + ) -> collections.OrderedDict: """Returns the ZAP Context Users configuration object with the given name. Parameters @@ -24,4 +26,4 @@ def get_context_user_by_name(context: collections.OrderedDict, name: str) -> col The name of the context to return from the list of contexts. """ users = context["users"] if "users" in context else [] - return next((user for user in users if user['name'] == name), None) + return next((user for user in users if user["name"] == name), None) diff --git a/scanners/zap-advanced/scanner/zapclient/configuration/zap_configuration.py b/scanners/zap-advanced/scanner/zapclient/configuration/zap_configuration.py index 07367fe4f8..e6cf5a4e3c 100644 --- a/scanners/zap-advanced/scanner/zapclient/configuration/zap_configuration.py +++ b/scanners/zap-advanced/scanner/zapclient/configuration/zap_configuration.py @@ -7,19 +7,20 @@ # -*- coding: utf-8 -*- import collections -import logging import glob -import hiyapyco - +import logging from typing import List +import hiyapyco + # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapClient') +logging = logging.getLogger("ZapClient") class ZapConfiguration: @@ -27,7 +28,7 @@ class ZapConfiguration: def __init__(self, config_dir: str, target: str, forced_context: str = None): """Initial constructor used for this class - + Parameters ---------- config_dir : str @@ -39,7 +40,6 @@ def __init__(self, config_dir: str, target: str, forced_context: str = None): self.target = target self.forced_context = forced_context - self.__config = collections.OrderedDict() self.__read_config_files() @@ -50,16 +50,28 @@ def __read_config_files(self): logging.debug("ZAP YAML config dir: '%s'", self.config_dir) config_files = glob.glob(self.config_dir_glob) else: - logging.warning("YAML config dir not found! This is no problem but possibly not intendend here.") + logging.warning( + "YAML config dir not found! This is no problem but possibly not intendend here." + ) config_files = [] - logging.info("Importing YAML files for ZAP configuration at dir: '%s'", config_files) - if (len(config_files) > 0): + logging.info( + "Importing YAML files for ZAP configuration at dir: '%s'", config_files + ) + if len(config_files) > 0: config_files.sort() - self.__config = hiyapyco.load(*config_files, method=hiyapyco.METHOD_MERGE, interpolate=True, mergelists=True, failonmissingfiles=False) + self.__config = hiyapyco.load( + *config_files, + method=hiyapyco.METHOD_MERGE, + interpolate=True, + mergelists=True, + failonmissingfiles=False + ) logging.debug("Finished importing YAML: %s", self.__config) else: - logging.warning("No ZAP YAML Configuration files found :-/ This is no problem but possibly not intendend here.") + logging.warning( + "No ZAP YAML Configuration files found :-/ This is no problem but possibly not intendend here." + ) self.__config = collections.OrderedDict() @property @@ -114,10 +126,7 @@ def _get_active_config_from(self, configs: collections.OrderedDict, key: str): ) return None if key not in configs: - logging.warning( - "No %s config found in the config.!", - key - ) + logging.warning("No %s config found in the config.!", key) return None if self.forced_context is not None: @@ -125,23 +134,28 @@ def _get_active_config_from(self, configs: collections.OrderedDict, key: str): # search for the "name" key to match. Otherwise search for for the "context" attribute look_for = "name" if key == "contexts" else "context" for configuration in configs[key]: - if look_for in configuration and configuration[look_for] == self.forced_context: + if ( + look_for in configuration + and configuration[look_for] == self.forced_context + ): return configuration logging.warning( "No %s specific configuration found using for the configured context (%s)!", key, - self.forced_context + self.forced_context, ) else: for configuration in configs[key]: - if "url" in configuration and configuration["url"].startswith(self.target): + if "url" in configuration and configuration["url"].startswith( + self.target + ): return configuration logging.warning( "No %s specific configuration found using the given target url (%s)!", key, - self.target + self.target, ) return None diff --git a/scanners/zap-advanced/scanner/zapclient/context/__init__.py b/scanners/zap-advanced/scanner/zapclient/context/__init__.py index a88d78bd1e..2bbfc63813 100644 --- a/scanners/zap-advanced/scanner/zapclient/context/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/context/__init__.py @@ -7,7 +7,7 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to configure ZAP API contexts. """ -__all__ = ['zap_context', 'zap_context_authentication'] +__all__ = ["zap_context", "zap_context_authentication"] from .zap_context import ZapConfigureContext -from .zap_context_authentication import ZapConfigureContextAuthentication \ No newline at end of file +from .zap_context_authentication import ZapConfigureContextAuthentication diff --git a/scanners/zap-advanced/scanner/zapclient/context/zap_context.py b/scanners/zap-advanced/scanner/zapclient/context/zap_context.py index 91eb8d8a20..6c12aa9f28 100644 --- a/scanners/zap-advanced/scanner/zapclient/context/zap_context.py +++ b/scanners/zap-advanced/scanner/zapclient/context/zap_context.py @@ -8,9 +8,9 @@ import collections import logging +from typing import List from zapv2 import ZAPv2 -from typing import List from .. import ZapClient from ..configuration import ZapConfiguration @@ -19,23 +19,24 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureContext') +logging = logging.getLogger("ZapConfigureContext") class ZapConfigureContext(ZapClient): """This class configures the context in running ZAP instance, based on a given ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py - + """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -43,60 +44,86 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - - super().__init__(zap, config) - + + super().__init__(zap, config) + def configure_contexts(self): - """ Configures the ZAP instance with the given list of contexts.""" + """Configures the ZAP instance with the given list of contexts.""" if self.get_config.has_configurations: contexts = self.get_config.get_all_contexts - logging.debug('Configuring the List of #%s context(s) with: %s', len(contexts), contexts) - - # Remove all existing ZAP contexts - logging.info("Existing Contexts will be removed: %s", self.get_zap.context.context_list) + logging.debug( + "Configuring the List of #%s context(s) with: %s", + len(contexts), + contexts, + ) + + # Remove all existing ZAP contexts + logging.info( + "Existing Contexts will be removed: %s", + self.get_zap.context.context_list, + ) for remove_context in self.get_zap.context.context_list: self.get_zap.context.remove_context(contextname=remove_context) # Add all new ZAP contexts for context in contexts: self._configure_context(context) - + else: - logging.warning("No valid ZAP configuration object found: %s! It seems there is something important missing.", self.get_config) - + logging.warning( + "No valid ZAP configuration object found: %s! It seems there is something important missing.", + self.get_config, + ) + def _configure_context(self, context: collections.OrderedDict): - """ Configures the ZAP instance with the context. - + """Configures the ZAP instance with the context. + Parameters ---------- context : collections.OrderedDict The zap configuration object containing a single context configuration (based on the class ZapConfiguration). """ - + context_name = context["name"] - logging.info('Configuring a new ZAP Context with name: ' + context_name) + logging.info("Configuring a new ZAP Context with name: " + context_name) context_id = self.get_zap.context.new_context(context_name) context["id"] = context_id if self._is_not_empty("includePaths", context): self._configure_context_include(context) - + if self._is_not_empty("excludePaths", context): self._configure_context_exclude(context) - - if self._is_not_empty("authentication", context) and self._is_not_empty_string("type", context["authentication"]): - configure_authenication = ZapConfigureContextAuthentication(zap=self.get_zap, config=self.get_config) - configure_authenication.configure_context_authentication(context, context_id) - - if self._is_not_empty("users", context) and self._is_not_empty_string("type", context["authentication"]): - self._configure_context_create_users(users=context["users"], auth_type=context["authentication"]["type"], context_id=context_id) - - if self._is_not_empty("session", context) and self._is_not_empty_string("type", context["session"]): - self._configure_context_session_management(sessions_config=context["session"], context_id=context_id) - + + if self._is_not_empty("authentication", context) and self._is_not_empty_string( + "type", context["authentication"] + ): + configure_authenication = ZapConfigureContextAuthentication( + zap=self.get_zap, config=self.get_config + ) + configure_authenication.configure_context_authentication( + context, context_id + ) + + if self._is_not_empty("users", context) and self._is_not_empty_string( + "type", context["authentication"] + ): + self._configure_context_create_users( + users=context["users"], + auth_type=context["authentication"]["type"], + context_id=context_id, + ) + + if self._is_not_empty("session", context) and self._is_not_empty_string( + "type", context["session"] + ): + self._configure_context_session_management( + sessions_config=context["session"], context_id=context_id + ) + if self._is_not_empty("technologies", context): # TODO: Open a new ZAP GH Issue: Why (or) is this difference (context_id vs. context_name) here really necessary? self._configure_context_technologies(context["technologies"], context_name) @@ -106,7 +133,7 @@ def _configure_context(self, context: collections.OrderedDict): def _configure_context_include(self, context: collections.OrderedDict): """Protected method to configure the ZAP 'Context / Include Settings' based on a given ZAP config. - + Parameters ---------- contexts : collections.OrderedDict @@ -116,11 +143,13 @@ def _configure_context_include(self, context: collections.OrderedDict): if "includePaths" in context: for regex in context["includePaths"]: logging.debug("Including regex '%s' from context", regex) - self.get_zap.context.include_in_context(contextname=context["name"], regex=regex) + self.get_zap.context.include_in_context( + contextname=context["name"], regex=regex + ) def _configure_context_exclude(self, context: collections.OrderedDict): """Protected method to configure the ZAP 'Context / Exclude Settings' based on a given ZAP config. - + Parameters ---------- contexts : collections.OrderedDict @@ -130,11 +159,15 @@ def _configure_context_exclude(self, context: collections.OrderedDict): if "excludePaths" in context: for regex in context["excludePaths"]: logging.debug("Excluding regex '%s' from context", regex) - self.get_zap.context.exclude_from_context(contextname=context["name"], regex=regex) + self.get_zap.context.exclude_from_context( + contextname=context["name"], regex=regex + ) - def _configure_context_create_users(self, users: collections.OrderedDict, auth_type: str, context_id: int): + def _configure_context_create_users( + self, users: collections.OrderedDict, auth_type: str, context_id: int + ): """Protected method to configure the ZAP 'Context / Users Settings' based on a given ZAP config. - + Parameters ---------- users : collections.OrderedDict @@ -153,10 +186,12 @@ def _configure_context_create_users(self, users: collections.OrderedDict, auth_t # Add all new ZAP Users to given context for user in users: self._configure_context_create_user(user, auth_type, context_id) - - def _configure_context_create_user(self, user: collections.OrderedDict, auth_type: str, context_id: int): + + def _configure_context_create_user( + self, user: collections.OrderedDict, auth_type: str, context_id: int + ): """Protected method to adds anew User to the ZAP Context. - + Parameters ---------- user : collections.OrderedDict @@ -168,32 +203,45 @@ def _configure_context_create_user(self, user: collections.OrderedDict, auth_typ """ logging.debug("Adding ZAP User '%s', to context(%s)", user, context_id) - user_name = user['username'] - user_password = user['password'] - + user_name = user["username"] + user_password = user["password"] + user_id = self.get_zap.users.new_user(contextid=context_id, name=user_name) logging.debug("Created ZAP User(%s), for context(%s)", user_id, context_id) user["id"] = user_id - + self.get_zap.users.set_user_name( - contextid=context_id, - userid=user_id, - name=user_name) + contextid=context_id, userid=user_id, name=user_name + ) self.get_zap.users.set_authentication_credentials( contextid=context_id, userid=user_id, - authcredentialsconfigparams='username=' + user_name + '&password=' + user_password) - self.get_zap.users.set_user_enabled(contextid=context_id, userid=user_id, enabled=True) - - if ("forced" in user and user["forced"]): - logging.debug("Configuring a forced user '%s' with id, for context(%s)'", user_id, context_id) - self.get_zap.forcedUser.set_forced_user(contextid=context_id, userid=user_id) + authcredentialsconfigparams="username=" + + user_name + + "&password=" + + user_password, + ) + self.get_zap.users.set_user_enabled( + contextid=context_id, userid=user_id, enabled=True + ) + + if "forced" in user and user["forced"]: + logging.debug( + "Configuring a forced user '%s' with id, for context(%s)'", + user_id, + context_id, + ) + self.get_zap.forcedUser.set_forced_user( + contextid=context_id, userid=user_id + ) self.get_zap.forcedUser.set_forced_user_mode_enabled(True) - def _configure_context_session_management(self, sessions_config: collections.OrderedDict, context_id: int): + def _configure_context_session_management( + self, sessions_config: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Session Mannagement' Settings based on a given ZAP config. - + Parameters ---------- sessions : collections.OrderedDict @@ -203,29 +251,35 @@ def _configure_context_session_management(self, sessions_config: collections.Ord """ sessions_type = sessions_config["type"] - + logging.info("Configuring the ZAP session management (type=%s)", sessions_type) if sessions_type == "cookieBasedSessionManagement": logging.debug("Configuring cookieBasedSessionManagement") self.get_zap.sessionManagement.set_session_management_method( - contextid=context_id, - methodname='cookieBasedSessionManagement') + contextid=context_id, methodname="cookieBasedSessionManagement" + ) elif sessions_type == "httpAuthSessionManagement": logging.debug("Configuring httpAuthSessionManagement") self.get_zap.sessionManagement.set_session_management_method( - contextid=context_id, - methodname='httpAuthSessionManagement') + contextid=context_id, methodname="httpAuthSessionManagement" + ) elif sessions_type == "scriptBasedSessionManagement": logging.debug("Configuring scriptBasedSessionManagement()") - if("scriptBasedSessionManagement" in sessions_config): + if "scriptBasedSessionManagement" in sessions_config: script_config = sessions_config["scriptBasedSessionManagement"] - self._configure_context_session_management_scriptbased(script_config=script_config, context_id=context_id) + self._configure_context_session_management_scriptbased( + script_config=script_config, context_id=context_id + ) else: - logging.warning("The 'scriptBasedSessionManagement' configuration section is missing but you have activated it (type: scriptBasedSessionManagement)! Ignoring the script configuration for session management. Please check your YAML configuration.") + logging.warning( + "The 'scriptBasedSessionManagement' configuration section is missing but you have activated it (type: scriptBasedSessionManagement)! Ignoring the script configuration for session management. Please check your YAML configuration." + ) - def _configure_context_session_management_scriptbased(self, script_config: collections.OrderedDict, context_id: int): + def _configure_context_session_management_scriptbased( + self, script_config: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Session Mannagement' Settings based on script. - + Parameters ---------- script_config : collections.OrderedDict @@ -241,17 +295,22 @@ def _configure_context_session_management_scriptbased(self, script_config: colle # Here they say that only "cookieBasedSessionManagement"; "httpAuthSessionManagement" # is possible, but maybe this is outdated and it works anyway, hopefully: # https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py#L97 - session_params = ('scriptName=' + script_config["name"]) + session_params = "scriptName=" + script_config["name"] self.get_zap.sessionManagement.set_session_management_method( contextid=context_id, - methodname='scriptBasedSessionManagement', - methodconfigparams=session_params) + methodname="scriptBasedSessionManagement", + methodconfigparams=session_params, + ) else: - logging.warning("Important script authentication configs (script name) are missing! Ignoring the authenication script configuration. Please check your YAML configuration.") - - def _configure_context_technologies(self, technology: collections.OrderedDict, context_name: str): + logging.warning( + "Important script authentication configs (script name) are missing! Ignoring the authenication script configuration. Please check your YAML configuration." + ) + + def _configure_context_technologies( + self, technology: collections.OrderedDict, context_name: str + ): """Protected method to configure the ZAP 'Context / Technology' Settings based on a given ZAP config. - + Parameters ---------- technology : collections.OrderedDict @@ -260,20 +319,32 @@ def _configure_context_technologies(self, technology: collections.OrderedDict, c The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - if(technology): + if technology: # Remove all existing ZAP Users for given context - #logging.warning("Existing technologies ' %s' will be removed for context: %s", zap.context.technology_list, context_name) - #zap.context.exclude_all_context_technologies(contextname=context_name) - + # logging.warning("Existing technologies ' %s' will be removed for context: %s", zap.context.technology_list, context_name) + # zap.context.exclude_all_context_technologies(contextname=context_name) + if "included" in technology: technologies = ", ".join(technology["included"]) - logging.debug("Include technologies '%s' in context with name %s", technologies, context_name) - self.get_zap.context.include_context_technologies(contextname=context_name, technologynames=technologies) - + logging.debug( + "Include technologies '%s' in context with name %s", + technologies, + context_name, + ) + self.get_zap.context.include_context_technologies( + contextname=context_name, technologynames=technologies + ) + if "excluded" in technology: technologies = ", ".join(technology["included"]) - logging.debug("Exclude technologies '%s' in context with name %s", technologies, context_name) - self.get_zap.context.exclude_context_technologies(contextname=context_name, technologynames=technologies) + logging.debug( + "Exclude technologies '%s' in context with name %s", + technologies, + context_name, + ) + self.get_zap.context.exclude_context_technologies( + contextname=context_name, technologynames=technologies + ) def _get_or_none(self, dict: collections.OrderedDict, key: str): if dict == None or not isinstance(dict, collections.OrderedDict): @@ -283,7 +354,7 @@ def _get_or_none(self, dict: collections.OrderedDict, key: str): return dict[key] else: return None - + def _get_or_none_stringified(self, dict: collections.OrderedDict, key: str): value = self._get_or_none(dict, key) @@ -306,12 +377,17 @@ def _get_level(self, level: str): elif level == "high": return 3 - logging.warn("AlertFilter configured with unknown level: '%s'. This rule will be ignored!", level) + logging.warn( + "AlertFilter configured with unknown level: '%s'. This rule will be ignored!", + level, + ) return None - def _configure_alert_filters(self, alert_filters: List[collections.OrderedDict], context_id: int): + def _configure_alert_filters( + self, alert_filters: List[collections.OrderedDict], context_id: int + ): """Protected method to configure the ZAP 'Context / Alert Filters' Settings based on a given ZAP config. - + Parameters ---------- alert_filters : collections.OrderedDict @@ -320,22 +396,36 @@ def _configure_alert_filters(self, alert_filters: List[collections.OrderedDict], The zap context id to configure the ZAP alert filters for (based on the class ZapConfiguration). """ - if(alert_filters): + if alert_filters: for alert_filter in alert_filters: - logging.debug("Adding AlertFilter for rule '%d' in context with id %s", alert_filter["ruleId"], context_id) - - matches = alert_filter["matches"] if "matches" in alert_filter else collections.OrderedDict() + logging.debug( + "Adding AlertFilter for rule '%d' in context with id %s", + alert_filter["ruleId"], + context_id, + ) + + matches = ( + alert_filter["matches"] + if "matches" in alert_filter + else collections.OrderedDict() + ) self.get_zap.alertFilter.add_alert_filter( - contextid = context_id, - ruleid = str(alert_filter["ruleId"]), - newlevel = str(self._get_level(alert_filter["newLevel"])), + contextid=context_id, + ruleid=str(alert_filter["ruleId"]), + newlevel=str(self._get_level(alert_filter["newLevel"])), # optional matchers - url = self._get_or_none(matches, "url"), - urlisregex = self._get_or_none_stringified(matches, "urlIsRegex"), - parameter = self._get_or_none(matches, "parameter"), - parameterisregex = self._get_or_none_stringified(matches, "parameterIsRegex"), - attack = self._get_or_none(matches, "attack"), - attackisregex = self._get_or_none_stringified(matches, "attackIsRegex"), - evidence = self._get_or_none(matches, "evidence"), - evidenceisregex = self._get_or_none_stringified(matches, "evidenceIsRegex"), - ) \ No newline at end of file + url=self._get_or_none(matches, "url"), + urlisregex=self._get_or_none_stringified(matches, "urlIsRegex"), + parameter=self._get_or_none(matches, "parameter"), + parameterisregex=self._get_or_none_stringified( + matches, "parameterIsRegex" + ), + attack=self._get_or_none(matches, "attack"), + attackisregex=self._get_or_none_stringified( + matches, "attackIsRegex" + ), + evidence=self._get_or_none(matches, "evidence"), + evidenceisregex=self._get_or_none_stringified( + matches, "evidenceIsRegex" + ), + ) diff --git a/scanners/zap-advanced/scanner/zapclient/context/zap_context_authentication.py b/scanners/zap-advanced/scanner/zapclient/context/zap_context_authentication.py index 7f84894b13..d314101e10 100644 --- a/scanners/zap-advanced/scanner/zapclient/context/zap_context_authentication.py +++ b/scanners/zap-advanced/scanner/zapclient/context/zap_context_authentication.py @@ -17,10 +17,11 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureContextAuthentication') +logging = logging.getLogger("ZapConfigureContextAuthentication") class ZapConfigureContextAuthentication(ZapClient): @@ -28,7 +29,7 @@ class ZapConfigureContextAuthentication(ZapClient): def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -36,12 +37,14 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - - super().__init__(zap, config) - - def configure_context_authentication(self, context: collections.OrderedDict, context_id: int): + + super().__init__(zap, config) + + def configure_context_authentication( + self, context: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings' based on a given ZAP config. - + Parameters ---------- context: collections.OrderedDict @@ -49,25 +52,35 @@ def configure_context_authentication(self, context: collections.OrderedDict, con context_id : int The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - + authentication = context["authentication"] auth_type = authentication["type"] if auth_type == "script-based" and "script-based" in authentication: - self._configure_context_authentication_script(authentication["script-based"], context_id) + self._configure_context_authentication_script( + authentication["script-based"], context_id + ) elif auth_type == "basic-auth" and "basic-auth" in authentication: - self._configure_context_authentication_basic_auth(authentication["basic-auth"], context_id) + self._configure_context_authentication_basic_auth( + authentication["basic-auth"], context_id + ) elif auth_type == "form-based" and "form-based" in authentication: - self._configure_context_authentication_form_auth(authentication["form-based"], context_id) + self._configure_context_authentication_form_auth( + authentication["form-based"], context_id + ) elif auth_type == "json-based" and "json-based" in authentication: - self._configure_context_authentication_json_auth(authentication["json-based"], context_id) + self._configure_context_authentication_json_auth( + authentication["json-based"], context_id + ) if self._is_not_empty("verification", authentication): self._configure_auth_validation(authentication["verification"], context_id) - - def _configure_context_authentication_script(self, script_config: collections.OrderedDict, context_id: int): + + def _configure_context_authentication_script( + self, script_config: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings with Script based Authentication' based on a given ZAP config. - + Parameters ---------- script_config : collections.OrderedDict @@ -75,28 +88,40 @@ def _configure_context_authentication_script(self, script_config: collections.Or context_id : int The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - - if(not script_config == None and "name" in script_config and "filePath" in script_config and "engine" in script_config): - self._configure_load_script(script_config=script_config, script_type='authentication') + + if ( + not script_config == None + and "name" in script_config + and "filePath" in script_config + and "engine" in script_config + ): + self._configure_load_script( + script_config=script_config, script_type="authentication" + ) auth_params = self.__get_script_auth_params(script_config) # Add additional script parameters - logging.debug('Loading Authentication Script Parameters: %s', auth_params) + logging.debug("Loading Authentication Script Parameters: %s", auth_params) self.check_zap_result( result=self.get_zap.authentication.set_authentication_method( contextid=context_id, - authmethodname='scriptBasedAuthentication', - authmethodconfigparams=auth_params), + authmethodname="scriptBasedAuthentication", + authmethodconfigparams=auth_params, + ), method_name="set_authentication_method", - exception_message="Missing ZAP Authentication Script Parameters! Please check your secureCodeBox YAML configuration!" + exception_message="Missing ZAP Authentication Script Parameters! Please check your secureCodeBox YAML configuration!", ) else: - logging.warning("Important script authentication configs (name, filePath, engine) are missing! Ignoring the authentication script configuration. Please check your YAML configuration.") + logging.warning( + "Important script authentication configs (name, filePath, engine) are missing! Ignoring the authentication script configuration. Please check your YAML configuration." + ) - def _configure_context_authentication_basic_auth(self, basic_auth: collections.OrderedDict, context_id: int): + def _configure_context_authentication_basic_auth( + self, basic_auth: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings with Basic Authentication' based on a given ZAP config. - + Parameters ---------- basic_auth : collections.OrderedDict @@ -104,11 +129,11 @@ def _configure_context_authentication_basic_auth(self, basic_auth: collections.O context_id : int The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - + logging.debug("Enabling ZAP HTTP Basic Auth") if "hostname" in basic_auth: - auth_method_config_params = "hostname=" + basic_auth["hostname"] + auth_method_config_params = "hostname=" + basic_auth["hostname"] if "realm" in basic_auth: auth_method_config_params += "&realm=" + basic_auth["realm"] if "port" in basic_auth: @@ -118,12 +143,15 @@ def _configure_context_authentication_basic_auth(self, basic_auth: collections.O self.get_zap.authentication.set_authentication_method( contextid=context_id, - authmethodname='httpAuthentication', - authmethodconfigparams=auth_method_config_params) - - def _configure_context_authentication_form_auth(self, form_auth: collections.OrderedDict, context_id: int): + authmethodname="httpAuthentication", + authmethodconfigparams=auth_method_config_params, + ) + + def _configure_context_authentication_form_auth( + self, form_auth: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings with Form Authentication' based on a given ZAP config. - + Parameters ---------- form_auth : collections.OrderedDict @@ -131,24 +159,29 @@ def _configure_context_authentication_form_auth(self, form_auth: collections.Ord context_id : int The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - + logging.debug("Enabling ZAP HTTP Form based Authentication") if "loginUrl" in form_auth: - auth_method_config_params = "loginUrl=" + form_auth["loginUrl"] + auth_method_config_params = "loginUrl=" + form_auth["loginUrl"] if "loginRequestData" in form_auth: - auth_method_config_params += "&loginRequestData=" + form_auth["loginRequestData"] + auth_method_config_params += ( + "&loginRequestData=" + form_auth["loginRequestData"] + ) logging.debug("HTTP ZAP HTTP Form Params: '%s'", auth_method_config_params) self.get_zap.authentication.set_authentication_method( contextid=context_id, - authmethodname='formBasedAuthentication', - authmethodconfigparams=auth_method_config_params) + authmethodname="formBasedAuthentication", + authmethodconfigparams=auth_method_config_params, + ) - def _configure_context_authentication_json_auth(self, json_auth: collections.OrderedDict, context_id: int): + def _configure_context_authentication_json_auth( + self, json_auth: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings with JSON Authentication' based on a given ZAP config. - + Parameters ---------- json_auth : collections.OrderedDict @@ -156,24 +189,29 @@ def _configure_context_authentication_json_auth(self, json_auth: collections.Ord context_id : int The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - + logging.debug("Enabling ZAP HTTP Form based Authentication") if "loginUrl" in json_auth: - auth_method_config_params = "loginUrl=" + json_auth["loginUrl"] + auth_method_config_params = "loginUrl=" + json_auth["loginUrl"] if "loginRequestData" in json_auth: - auth_method_config_params += "&loginRequestData=" + json_auth["loginRequestData"] + auth_method_config_params += ( + "&loginRequestData=" + json_auth["loginRequestData"] + ) logging.info("HTTP ZAP HTTP JSON Params: '%s'", auth_method_config_params) self.get_zap.authentication.set_authentication_method( contextid=context_id, - authmethodname='jsonBasedAuthentication', - authmethodconfigparams=auth_method_config_params) + authmethodname="jsonBasedAuthentication", + authmethodconfigparams=auth_method_config_params, + ) - def _configure_auth_validation(self, validation: collections.OrderedDict, context_id: int): + def _configure_auth_validation( + self, validation: collections.OrderedDict, context_id: int + ): """Protected method to configure the ZAP 'Context / Authentication Settings with Script based Authentication' based on a given ZAP config. - + Parameters ---------- validation : collections.OrderedDict @@ -182,20 +220,22 @@ def _configure_auth_validation(self, validation: collections.OrderedDict, contex The zap context id tot configure the ZAP authentication for (based on the class ZapConfiguration). """ - logging.debug('Configure Authentication Validation: %s', validation) - + logging.debug("Configure Authentication Validation: %s", validation) + if "isLoggedInIndicator" in validation: self.get_zap.authentication.set_logged_in_indicator( contextid=context_id, - loggedinindicatorregex=validation["isLoggedInIndicator"]) + loggedinindicatorregex=validation["isLoggedInIndicator"], + ) if "isLoggedOutIndicator" in validation: self.get_zap.authentication.set_logged_out_indicator( contextid=context_id, - loggedoutindicatorregex=validation["isLoggedOutIndicator"]) + loggedoutindicatorregex=validation["isLoggedOutIndicator"], + ) def __get_script_auth_params(self, script_config: collections.OrderedDict) -> list: """Protected method to configure the ZAP 'Context / Authentication Settings with JSON Authentication' based on a given ZAP config. - + Parameters ---------- json_auth : collections.OrderedDict @@ -205,11 +245,13 @@ def __get_script_auth_params(self, script_config: collections.OrderedDict) -> li """ # Create ZAP Script parameters based on given configuration object - auth_params = ['scriptName=' + script_config["name"],] + auth_params = [ + "scriptName=" + script_config["name"], + ] # Creates a list of URL-Encoded params, based on the YAML config for key, value in script_config["arguments"].items(): auth_params.append(key + "=" + value) # Add a '&' to all elements except the last one - auth_params = '&'.join(auth_params) + auth_params = "&".join(auth_params) return auth_params diff --git a/scanners/zap-advanced/scanner/zapclient/scanner/__init__.py b/scanners/zap-advanced/scanner/zapclient/scanner/__init__.py index bf3741b1b7..f6d2837d4a 100644 --- a/scanners/zap-advanced/scanner/zapclient/scanner/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/scanner/__init__.py @@ -7,7 +7,7 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to automate ZAP scans.. """ -__all__ = ['zap_scanner', 'zap_scanner_active'] +__all__ = ["zap_scanner", "zap_scanner_active"] from .zap_abstract_scanner import ZapConfigureScanner from .zap_scanner_active import ZapConfigureActiveScanner diff --git a/scanners/zap-advanced/scanner/zapclient/scanner/zap_abstract_scanner.py b/scanners/zap-advanced/scanner/zapclient/scanner/zap_abstract_scanner.py index 4cd9e07e77..0e8ec4d772 100644 --- a/scanners/zap-advanced/scanner/zapclient/scanner/zap_abstract_scanner.py +++ b/scanners/zap-advanced/scanner/zapclient/scanner/zap_abstract_scanner.py @@ -8,9 +8,9 @@ import collections import logging +from abc import abstractmethod from zapv2 import ZAPv2 -from abc import abstractmethod from .. import ZapClient from ..configuration import ZapConfiguration @@ -18,22 +18,23 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureScanner') +logging = logging.getLogger("ZapConfigureScanner") class ZapConfigureScanner(ZapClient): """This class configures a scanner in a running ZAP instance, based on a ZAP Configuration - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -41,12 +42,12 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - + super().__init__(zap, config) def start_scan_by_url(self, url: str) -> int: - """ Starts a ZAP ActiveScan for the given target, based on the given configuration and ZAP instance. - + """Starts a ZAP ActiveScan for the given target, based on the given configuration and ZAP instance. + Parameters ---------- url: str @@ -55,20 +56,25 @@ def start_scan_by_url(self, url: str) -> int: scannerId = -1 if self.get_config.get_active_scanner_config is not None: - logging.debug("Trying to start ActiveScan by configuration target url: '%s'", str(url)) + logging.debug( + "Trying to start ActiveScan by configuration target url: '%s'", str(url) + ) scanner_config = self.get_config.get_active_scanner_config scannerId = self.start_scanner(url=url, scanner_config=scanner_config) else: - logging.warning("There is no scanner configuration section defined in your configuration YAML to start by url: %s.", url) + logging.warning( + "There is no scanner configuration section defined in your configuration YAML to start by url: %s.", + url, + ) scannerId = self.start_scanner(url=url, scanner_config=None) return int(scannerId) - + @abstractmethod def start_scanner(self, url: str, scanner_config: collections.OrderedDict) -> int: - """ Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. - + """Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict @@ -78,5 +84,5 @@ def start_scanner(self, url: str, scanner_config: collections.OrderedDict) -> in @abstractmethod def wait_until_finished(self, scanner_id: int): - """ Wait until the running ZAP Scanner finished and log results.""" + """Wait until the running ZAP Scanner finished and log results.""" raise NotImplementedError diff --git a/scanners/zap-advanced/scanner/zapclient/scanner/zap_scanner_active.py b/scanners/zap-advanced/scanner/zapclient/scanner/zap_scanner_active.py index 3e71c79840..841cb91614 100644 --- a/scanners/zap-advanced/scanner/zapclient/scanner/zap_scanner_active.py +++ b/scanners/zap-advanced/scanner/zapclient/scanner/zap_scanner_active.py @@ -6,35 +6,36 @@ # -*- coding: utf-8 -*- -import time import collections import logging +import time from zapv2 import ZAPv2, ascan from ..configuration import ZapConfiguration -from . import ZapConfigureScanner from ..configuration.helpers import ZapConfigurationContextUsers +from . import ZapConfigureScanner # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureActiveScanner') +logging = logging.getLogger("ZapConfigureActiveScanner") class ZapConfigureActiveScanner(ZapConfigureScanner): """This class configures a scanner in a running ZAP instance, based on a ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -42,12 +43,12 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - + super().__init__(zap, config) def start_scanner(self, url: str, scanner_config: collections.OrderedDict) -> int: - """ Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. - + """Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. + Parameters ---------- scanner_config: collections.OrderedDict @@ -60,16 +61,23 @@ def start_scanner(self, url: str, scanner_config: collections.OrderedDict) -> in self.get_zap.ascan.remove_all_scans() if scanner_config is not None: - scannerId = self.__start_scanner_with_config(url=url, scanner_config=scanner_config) + scannerId = self.__start_scanner_with_config( + url=url, scanner_config=scanner_config + ) else: - logging.info("Starting ActiveScan(url='%s') without any additional scanner configuration!", url) + logging.info( + "Starting ActiveScan(url='%s') without any additional scanner configuration!", + url, + ) scannerId = self.get_zap.ascan.scan(url=url, contextid=None) - + logging.info("ActiveScan returned: %s", scannerId) if not str(scannerId).isdigit() or int(scannerId) < 0: logging.error("ActiveScan couldn't be started due to errors: %s", scannerId) - raise RuntimeError("ActiveScan couldn't be started due to errors: %s", scannerId) + raise RuntimeError( + "ActiveScan couldn't be started due to errors: %s", scannerId + ) else: logging.info("ActiveScan successfully started with id: %s", scannerId) # Give the scanner a chance to start @@ -79,9 +87,11 @@ def start_scanner(self, url: str, scanner_config: collections.OrderedDict) -> in return scannerId - def __start_scanner_with_config(self, url: str, scanner_config: collections.OrderedDict) -> int: - """ Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. - + def __start_scanner_with_config( + self, url: str, scanner_config: collections.OrderedDict + ) -> int: + """Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. + Parameters ---------- scanner_config: collections.OrderedDict @@ -93,24 +103,26 @@ def __start_scanner_with_config(self, url: str, scanner_config: collections.Orde target = None if self._is_not_empty("url", scanner_config): - target = str(scanner_config['url']) + target = str(scanner_config["url"]) else: - logging.warning("The active scanner configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", url) + logging.warning( + "The active scanner configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", + url, + ) target = url # "Context" is an optional config for Scanner if self._is_not_empty("context", scanner_config): - + scanner_context_config = self.get_config.get_active_context_config - context_id = int(scanner_context_config['id']) + context_id = int(scanner_context_config["id"]) # "User" is an optional config for Scanner in addition to the context if self._is_not_empty("user", scanner_config): - user_name = str(scanner_config['user']) + user_name = str(scanner_config["user"]) # search for the configured user by its user name in the active context user_id = ZapConfigurationContextUsers.get_context_user_by_name( - scanner_context_config, - user_name + scanner_context_config, user_name )["id"] # Configure HTTP ActiveScan @@ -122,93 +134,137 @@ def __start_scanner_with_config(self, url: str, scanner_config: collections.Orde policy = scanner_config["policy"] # ActiveScan with user - if (context_id is not None) and int(context_id) >= 0 and (user_id is not None) and int(user_id) >= 0: - logging.info('Starting ActiveScan(url=%s, contextid=%s, userid=%s, scanpolicyname=%s)', target, context_id, user_id, policy) - scanner_id = self.get_zap.ascan.scan_as_user(url=target, contextid=context_id, userid=user_id, scanpolicyname=policy) + if ( + (context_id is not None) + and int(context_id) >= 0 + and (user_id is not None) + and int(user_id) >= 0 + ): + logging.info( + "Starting ActiveScan(url=%s, contextid=%s, userid=%s, scanpolicyname=%s)", + target, + context_id, + user_id, + policy, + ) + scanner_id = self.get_zap.ascan.scan_as_user( + url=target, contextid=context_id, userid=user_id, scanpolicyname=policy + ) else: - logging.info('Starting ActiveScan(url=%s, contextid=%s, scanpolicyname=%s)', target, context_id, policy) - scanner_id = self.get_zap.ascan.scan(url=target, contextid=context_id, scanpolicyname=policy) - + logging.info( + "Starting ActiveScan(url=%s, contextid=%s, scanpolicyname=%s)", + target, + context_id, + policy, + ) + scanner_id = self.get_zap.ascan.scan( + url=target, contextid=context_id, scanpolicyname=policy + ) + return scanner_id - def __configure_scanner(self, zap_scanner: ascan, scanner_config: collections.OrderedDict): - """ Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. - + def __configure_scanner( + self, zap_scanner: ascan, scanner_config: collections.OrderedDict + ): + """Starts a ZAP ActiveScan with the given name for the scanners configuration, based on the given configuration and ZAP instance. + Parameters ---------- zap_scanner: ascan - A reference to the active ZAP scanner (of the running ZAP instance) to configure. + A reference to the active ZAP scanner (of the running ZAP instance) to configure. scanner_config: collections.OrderedDict The scanner configuration based on ZapConfiguration. """ - logging.debug('Trying to configure the ActiveScan') + logging.debug("Trying to configure the ActiveScan") self.configure_scripts(config=scanner_config) - + if self._is_not_empty_integer("maxRuleDurationInMins", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_max_rule_duration_in_mins(integer=str(scanner_config['maxRuleDurationInMins'])), - method_name="set_option_max_rule_duration_in_mins" + result=zap_scanner.set_option_max_rule_duration_in_mins( + integer=str(scanner_config["maxRuleDurationInMins"]) + ), + method_name="set_option_max_rule_duration_in_mins", ) if self._is_not_empty_integer("maxScanDurationInMins", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_max_scan_duration_in_mins(integer=str(scanner_config['maxScanDurationInMins'])), - method_name="set_option_max_scan_duration_in_mins" + result=zap_scanner.set_option_max_scan_duration_in_mins( + integer=str(scanner_config["maxScanDurationInMins"]) + ), + method_name="set_option_max_scan_duration_in_mins", ) if self._is_not_empty_integer("threadPerHost", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_thread_per_host(integer=str(scanner_config['threadPerHost'])), - method_name="set_option_thread_per_host" + result=zap_scanner.set_option_thread_per_host( + integer=str(scanner_config["threadPerHost"]) + ), + method_name="set_option_thread_per_host", ) if self._is_not_empty_integer("delayInMs", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_delay_in_ms(integer=str(scanner_config['delayInMs'])), - method_name="set_option_delay_in_ms" + result=zap_scanner.set_option_delay_in_ms( + integer=str(scanner_config["delayInMs"]) + ), + method_name="set_option_delay_in_ms", ) - + if self._is_not_empty_bool("addQueryParam", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_add_query_param(boolean=str(scanner_config['addQueryParam'])), - method_name="set_option_add_query_param" + result=zap_scanner.set_option_add_query_param( + boolean=str(scanner_config["addQueryParam"]) + ), + method_name="set_option_add_query_param", ) if self._is_not_empty_bool("handleAntiCSRFTokens", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_handle_anti_csrf_tokens(boolean=str(scanner_config['handleAntiCSRFTokens'])), - method_name="set_option_handle_anti_csrf_tokens" + result=zap_scanner.set_option_handle_anti_csrf_tokens( + boolean=str(scanner_config["handleAntiCSRFTokens"]) + ), + method_name="set_option_handle_anti_csrf_tokens", ) if self._is_not_empty_bool("injectPluginIdInHeader", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_inject_plugin_id_in_header(boolean=str(scanner_config['injectPluginIdInHeader'])), - method_name="set_option_inject_plugin_id_in_header" + result=zap_scanner.set_option_inject_plugin_id_in_header( + boolean=str(scanner_config["injectPluginIdInHeader"]) + ), + method_name="set_option_inject_plugin_id_in_header", ) if self._is_not_empty_bool("scanHeadersAllRequests", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_scan_headers_all_requests(boolean=str(scanner_config['scanHeadersAllRequests'])), - method_name="set_option_scan_headers_all_requests" + result=zap_scanner.set_option_scan_headers_all_requests( + boolean=str(scanner_config["scanHeadersAllRequests"]) + ), + method_name="set_option_scan_headers_all_requests", ) if self._is_not_empty_string("defaultPolicy", scanner_config): self.check_zap_result( - result=zap_scanner.set_option_default_policy(string=str(scanner_config['defaultPolicy'])), - method_name="set_option_default_policy" + result=zap_scanner.set_option_default_policy( + string=str(scanner_config["defaultPolicy"]) + ), + method_name="set_option_default_policy", ) else: - # Ensure a defualt value even if nothing is defined + # Ensure a default value even if nothing is defined scanner_config["defaultPolicy"] = "Default Policy" def wait_until_finished(self, scanner_id: int): - """ Wait until the running ZAP ActiveScan finished and log results. - + """Wait until the running ZAP ActiveScan finished and log results. + Parameters ---------- scanner_id: int The id of the running scanner instance. """ - if(scanner_id >= 0): - while (int(self.get_zap.ascan.status(scanner_id)) < 100): - logging.info("ActiveScan(%s) progress: %s", scanner_id, self.get_zap.ascan.status(scanner_id)) + if scanner_id >= 0: + while int(self.get_zap.ascan.status(scanner_id)) < 100: + logging.info( + "ActiveScan(%s) progress: %s", + scanner_id, + self.get_zap.ascan.status(scanner_id), + ) time.sleep(1) - + logging.info("ActiveScan(%s) completed", scanner_id) self.__log_statistics(scanner_id) @@ -216,25 +272,33 @@ def __log_statistics(self, scanner_id: int): # Log a count of the number of urls: num_urls = len(self.get_zap.core.urls()) if num_urls == 0: - logging.warning("No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container") + logging.warning( + "No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container" + ) else: - logging.info("ActiveScan(%s) scanned total: %s site URLs", scanner_id, str(num_urls)) - + logging.info( + "ActiveScan(%s) scanned total: %s site URLs", scanner_id, str(num_urls) + ) + list_of_scans = self.get_zap.ascan.scans logging.info("ActiveScan(%s) statistics: %s", scanner_id, list_of_scans) - + def get_alerts(self, baseurl, ignore_scan_rules, out_of_scope_dict): # Retrieve the alerts using paging in case there are lots of them start = 0 count_per_page = 5000 alert_dict = {} alert_count = 0 - alerts_result = self.get_zap.core.alerts(baseurl=baseurl, start=start, count=count_per_page) + alerts_result = self.get_zap.core.alerts( + baseurl=baseurl, start=start, count=count_per_page + ) while len(alerts_result) > 0: - logging.info('Reading #%s alerts from page: %s', str(count_per_page), str(start)) + logging.info( + "Reading #%s alerts from page: %s", str(count_per_page), str(start) + ) alert_count += len(alerts_result) for alert in alerts_result: - plugin_id = str(alert.get('pluginId')) + plugin_id = str(alert.get("pluginId")) # if plugin_id in ignore_scan_rules: # continue # if not is_in_scope(plugin_id, alert.get('url'), out_of_scope_dict): @@ -247,6 +311,10 @@ def get_alerts(self, baseurl, ignore_scan_rules, out_of_scope_dict): alert_dict[plugin_id].append(alert) start += count_per_page alerts_result = self.get_zap.core.alerts(start=start, count=count_per_page) - - logging.info('Total number of alert categories found: #%s with in total #%s alerts.', str(alert_count), alert_count) + + logging.info( + "Total number of alert categories found: #%s with in total #%s alerts.", + str(alert_count), + alert_count, + ) return alert_dict diff --git a/scanners/zap-advanced/scanner/zapclient/settings/__init__.py b/scanners/zap-advanced/scanner/zapclient/settings/__init__.py index fd41c9fcd3..fe449edc4d 100644 --- a/scanners/zap-advanced/scanner/zapclient/settings/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/settings/__init__.py @@ -7,6 +7,6 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to configure global ZAP settings. """ -__all__ = ['zap_global'] +__all__ = ["zap_global"] -from .zap_settings import ZapConfigureSettings \ No newline at end of file +from .zap_settings import ZapConfigureSettings diff --git a/scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py b/scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py index d3b6277efe..38a52742b2 100644 --- a/scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py +++ b/scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py @@ -6,9 +6,9 @@ # -*- coding: utf-8 -*- -import time import collections import logging +import time from zapv2 import ZAPv2 @@ -18,22 +18,23 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureSettings') +logging = logging.getLogger("ZapConfigureSettings") class ZapConfigureSettings(ZapClient): """This class configures a running ZAP instance, based on a ZAP Global Configuration - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -41,30 +42,32 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - + super().__init__(zap, config) - + self.__global_config = None if self.get_config.has_global_configurations(): self.__global_config = self.get_config.get_global - logging.debug("Found the following ZAP Global config: %s", self.get_global_config) + logging.debug( + "Found the following ZAP Global config: %s", self.get_global_config + ) else: logging.debug("No ZAP settings defined!") @property def get_global_config(self) -> collections.OrderedDict: - """ Returns the global config of the currently running ZAP instance.""" + """Returns the global config of the currently running ZAP instance.""" return self.__global_config - + def configure(self): """Configure a new active ZAP Session with all Settings, based on the configuration settings.""" - + if self.get_config.has_global_configurations(): self.__create_session() self.__configure_global_settings() self.__configure_exclude_paths() - self.__configure_proxy() + self.__configure_proxy() self.configure_scripts(config=self.get_global_config) def __create_session(self): @@ -76,48 +79,56 @@ def __create_session(self): session_name = self.get_global_config["sessionName"] # Start the ZAP session - logging.info('Creating a new ZAP session with the name: %s', session_name) + logging.info("Creating a new ZAP session with the name: %s", session_name) self.check_zap_result( result=self.get_zap.core.new_session(name=session_name, overwrite=True), - method_name="new_session" + method_name="new_session", ) - - # Wait for ZAP to update the internal caches + + # Wait for ZAP to update the internal caches time.sleep(5) def __configure_global_settings(self): - """ Configures some global ZAP Configurations, based on the running ZAP instance and given config YAML""" + """Configures some global ZAP Configurations, based on the running ZAP instance and given config YAML""" + + logging.debug("Trying to configure the ZAP Global Settings") - logging.debug('Trying to configure the ZAP Global Settings') - if self._is_not_empty_integer("timeoutInSeconds", self.get_global_config): self.check_zap_result( - result=self.get_zap.core.set_option_timeout_in_secs(integer=str(self.get_global_config['timeoutInSeconds'])), - method_name="set_option_timeout_in_secs" + result=self.get_zap.core.set_option_timeout_in_secs( + integer=str(self.get_global_config["timeoutInSeconds"]) + ), + method_name="set_option_timeout_in_secs", ) if self._is_not_empty_string("defaultUserAgent", self.get_global_config): self.check_zap_result( - result=self.get_zap.core.set_option_default_user_agent(string=str(self.get_global_config['defaultUserAgent'])), - method_name="set_option_default_user_agent" + result=self.get_zap.core.set_option_default_user_agent( + string=str(self.get_global_config["defaultUserAgent"]) + ), + method_name="set_option_default_user_agent", ) if self._is_not_empty_string("mode", self.get_global_config): self.check_zap_result( - result=self.get_zap.core.set_mode(mode=str(self.get_global_config['mode'])), - method_name="set_mode" + result=self.get_zap.core.set_mode( + mode=str(self.get_global_config["mode"]) + ), + method_name="set_mode", ) def __configure_exclude_paths(self): - """Private method to configure the ZAP Global 'Proxy Settings' based on a given ZAP config. """ + """Private method to configure the ZAP Global 'Proxy Settings' based on a given ZAP config.""" if "globalExcludePaths" in self.get_global_config: for regex in self.get_global_config["globalExcludePaths"]: logging.debug("Excluding regex '%s' from global proxy setting", regex) self.check_zap_result( result=self.get_zap.core.exclude_from_proxy(regex=regex), - method_name="exclude_from_proxy" + method_name="exclude_from_proxy", ) else: - logging.debug("No global exclude paths configuration defined (global.globalExcludePaths: ).") + logging.debug( + "No global exclude paths configuration defined (global.globalExcludePaths: )." + ) def __configure_proxy(self): """Private method to configure the ZAP Global 'Proxy Settings' based on a given ZAP config.""" @@ -128,93 +139,134 @@ def __configure_proxy(self): if self._is_not_empty_bool("enabled", proxy_config): self.check_zap_result( - result=self.get_zap.core.set_option_use_proxy_chain(boolean=str(proxy_config["enabled"]).lower()), - method_name="set_option_use_proxy_chain" + result=self.get_zap.core.set_option_use_proxy_chain( + boolean=str(proxy_config["enabled"]).lower() + ), + method_name="set_option_use_proxy_chain", ) self.__configure_proxy_settings(proxy_config) self.__configure_proxy_authentication(proxy_config) self.__configure_socks(proxy_config) else: - logging.debug("Proxy configuration is not enabled (global.proxy.enabled: true)") + logging.debug( + "Proxy configuration is not enabled (global.proxy.enabled: true)" + ) else: logging.debug("No proxy configuration defined (global.proxy: ...).") - + def __configure_proxy_settings(self, proxy_config: collections.OrderedDict): """Private method to configure all proxy specific setings, based on the configuration settings.""" - + if self._is_not_empty_string("address", proxy_config): self.check_zap_result( - result=self.get_zap.core.set_option_proxy_chain_name(string=str(proxy_config['address'])), - method_name="set_option_proxy_chain_name" + result=self.get_zap.core.set_option_proxy_chain_name( + string=str(proxy_config["address"]) + ), + method_name="set_option_proxy_chain_name", ) if self._is_not_empty_integer("port", proxy_config): self.check_zap_result( - result=self.get_zap.core.set_option_proxy_chain_port(integer=str(proxy_config['port'])), - method_name="set_option_proxy_chain_port" + result=self.get_zap.core.set_option_proxy_chain_port( + integer=str(proxy_config["port"]) + ), + method_name="set_option_proxy_chain_port", + ) + if "skipProxyAddresses" in proxy_config and ( + proxy_config["skipProxyAddresses"] is not None + ): + logging.debug( + "Disabling all possible pre existing proxy excluded domains before adding new ones." ) - if "skipProxyAddresses" in proxy_config and (proxy_config['skipProxyAddresses'] is not None): - logging.debug("Disabling all possible pre existing proxy excluded domains before adding new ones.") self.check_zap_result( result=self.get_zap.core.disable_all_proxy_chain_excluded_domains(), - method_name="add_proxy_chain_excluded_domain" + method_name="add_proxy_chain_excluded_domain", ) for address in proxy_config["skipProxyAddresses"]: - logging.debug("Excluding (skip) address '%s' from global proxy setting", address) + logging.debug( + "Excluding (skip) address '%s' from global proxy setting", address + ) self.check_zap_result( - result=self.get_zap.core.add_proxy_chain_excluded_domain(value=address, isregex=True, isenabled=True), - method_name="add_proxy_chain_excluded_domain" + result=self.get_zap.core.add_proxy_chain_excluded_domain( + value=address, isregex=True, isenabled=True + ), + method_name="add_proxy_chain_excluded_domain", ) def __configure_proxy_authentication(self, proxy_config: collections.OrderedDict): """Private method to configure the proxy authenication, based on the configuration settings.""" - + # Configure ZAP outgoing proxy server authentication - if "authentication" in proxy_config and (proxy_config['authentication'] is not None): - proxy_authentication_config = proxy_config['authentication'] - - if "enabled" in proxy_authentication_config and proxy_authentication_config["enabled"]: + if "authentication" in proxy_config and ( + proxy_config["authentication"] is not None + ): + proxy_authentication_config = proxy_config["authentication"] + + if ( + "enabled" in proxy_authentication_config + and proxy_authentication_config["enabled"] + ): self.check_zap_result( - result=self.get_zap.core.set_option_use_proxy_chain_auth(boolean=str(proxy_authentication_config["enabled"]).lower()), - method_name="set_option_use_proxy_chain_auth" + result=self.get_zap.core.set_option_use_proxy_chain_auth( + boolean=str(proxy_authentication_config["enabled"]).lower() + ), + method_name="set_option_use_proxy_chain_auth", + ) + self.__configure_proxy_authentication_settings( + proxy_authentication_config ) - self.__configure_proxy_authentication_settings(proxy_authentication_config) else: - logging.debug("Proxy Authentication configuration is not enabled (global.proxy.authentication.enabled: true)") + logging.debug( + "Proxy Authentication configuration is not enabled (global.proxy.authentication.enabled: true)" + ) else: - logging.debug("No authentication configuration defined for proxy (global.proxy.authentication: ).") + logging.debug( + "No authentication configuration defined for proxy (global.proxy.authentication: )." + ) - def __configure_proxy_authentication_settings(self, proxy_authentication_config: collections.OrderedDict): + def __configure_proxy_authentication_settings( + self, proxy_authentication_config: collections.OrderedDict + ): """Private method to configure the proxy authenication specific settings, based on the configuration settings.""" - + if self._is_not_empty_string("username", proxy_authentication_config): self.check_zap_result( - result=self.get_zap.core.set_option_proxy_chain_user_name(string=str(proxy_authentication_config['username'])), - method_name="set_option_proxy_chain_user_name" + result=self.get_zap.core.set_option_proxy_chain_user_name( + string=str(proxy_authentication_config["username"]) + ), + method_name="set_option_proxy_chain_user_name", ) if self._is_not_empty_string("password", proxy_authentication_config): self.check_zap_result( - result=self.get_zap.core.set_option_proxy_chain_password(string=str(proxy_authentication_config['password'])), - method_name="set_option_proxy_chain_password" + result=self.get_zap.core.set_option_proxy_chain_password( + string=str(proxy_authentication_config["password"]) + ), + method_name="set_option_proxy_chain_password", ) if self._is_not_empty_string("realm", proxy_authentication_config): self.check_zap_result( - result=self.get_zap.core.set_option_proxy_chain_realm(string=str(proxy_authentication_config['realm'])), - method_name="set_option_proxy_chain_realm" + result=self.get_zap.core.set_option_proxy_chain_realm( + string=str(proxy_authentication_config["realm"]) + ), + method_name="set_option_proxy_chain_realm", ) def __configure_socks(self, proxy_config: collections.OrderedDict): """Private method to configure the proxy socks settings, based on the configuration settings.""" - + # Configure ZAP outgoing proxy server authentication if self._is_not_empty("socks", proxy_config): - socks_config = proxy_config['socks'] - + socks_config = proxy_config["socks"] + if self._is_not_empty_bool("enabled", socks_config): self.check_zap_result( - result=self.get_zap.core.set_option_use_socks_proxy(boolean=str(socks_config["enabled"]).lower()), - method_name="set_option_use_socks_proxy" + result=self.get_zap.core.set_option_use_socks_proxy( + boolean=str(socks_config["enabled"]).lower() + ), + method_name="set_option_use_socks_proxy", ) else: - logging.debug("Proxy Socks configuration is not enabled (global.proxy.socks.enabled: true)") + logging.debug( + "Proxy Socks configuration is not enabled (global.proxy.socks.enabled: true)" + ) else: logging.debug("No proxy sock configuration found (global.proxy.socks: ).") diff --git a/scanners/zap-advanced/scanner/zapclient/spider/__init__.py b/scanners/zap-advanced/scanner/zapclient/spider/__init__.py index d2bccd8e23..5046f548d5 100644 --- a/scanners/zap-advanced/scanner/zapclient/spider/__init__.py +++ b/scanners/zap-advanced/scanner/zapclient/spider/__init__.py @@ -7,8 +7,8 @@ A Python package containing secureCodeBox specific ZAPv2 Client extensions to automate ZAP spider. """ -__all__ = ['zap_abstract_spider', 'zap_spider_http', 'zap_spider_ajax'] +__all__ = ["zap_abstract_spider", "zap_spider_http", "zap_spider_ajax"] from .zap_abstract_spider import ZapConfigureSpider from .zap_spider_ajax import ZapConfigureSpiderAjax -from .zap_spider_http import ZapConfigureSpiderHttp \ No newline at end of file +from .zap_spider_http import ZapConfigureSpiderHttp diff --git a/scanners/zap-advanced/scanner/zapclient/spider/zap_abstract_spider.py b/scanners/zap-advanced/scanner/zapclient/spider/zap_abstract_spider.py index cef5cce5b8..42066926d2 100644 --- a/scanners/zap-advanced/scanner/zapclient/spider/zap_abstract_spider.py +++ b/scanners/zap-advanced/scanner/zapclient/spider/zap_abstract_spider.py @@ -9,8 +9,8 @@ import collections import logging import time - from abc import abstractmethod + from zapv2 import ZAPv2, spider from .. import ZapClient @@ -19,22 +19,23 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureSpider') +logging = logging.getLogger("ZapConfigureSpider") class ZapConfigureSpider(ZapClient): """This abstract class configures a ZAP Spider in a running ZAP instance, based on a ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -43,27 +44,34 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ super().__init__(zap, config) - + self.__spider_config = None self.__ajax = False @property def get_spider_config(self) -> collections.OrderedDict: - """ Returns the spider config of the currently running ZAP instance. """ + """Returns the spider config of the currently running ZAP instance.""" return self.__spider_config - + def is_ajax_spider_enabled(self) -> bool: # "Context" is an optional config for spider - if self.get_spider_config is not None and "ajax" in self.get_spider_config and self.get_spider_config["ajax"]: - self.__ajax = bool(self.get_spider_config['ajax']) + if ( + self.get_spider_config is not None + and "ajax" in self.get_spider_config + and self.get_spider_config["ajax"] + ): + self.__ajax = bool(self.get_spider_config["ajax"]) else: - logging.debug("No Ajax configuration 'ajax: true' found in spider configuration: %s", self.get_spider_config) - + logging.debug( + "No Ajax configuration 'ajax: true' found in spider configuration: %s", + self.get_spider_config, + ) + return self.__ajax def start_spider_by_url(self, url: str): - """ Starts a ZAP Spider for the given url, based on the given configuration and ZAP instance. - + """Starts a ZAP Spider for the given url, based on the given configuration and ZAP instance. + Parameters ---------- url: str @@ -76,18 +84,28 @@ def start_spider_by_url(self, url: str): if self.__spider_config is not None: # Search for a API configuration referencing the context identified by url if spider_context is None: - logging.warning("No context configuration found for target: '%s'! Starting spider without any related context.", url) + logging.warning( + "No context configuration found for target: '%s'! Starting spider without any related context.", + url, + ) else: - logging.info("Trying to start Spider (Ajax: %s) with target url: '%s'", str(self.is_ajax_spider_enabled()), url) + logging.info( + "Trying to start Spider (Ajax: %s) with target url: '%s'", + str(self.is_ajax_spider_enabled()), + url, + ) else: - logging.warning("There is no spider specific configuration section defined in your configuration YAML to start by url: %s.", url) - + logging.warning( + "There is no spider specific configuration section defined in your configuration YAML to start by url: %s.", + url, + ) + self.start_spider(url=url, spider_config=self.get_spider_config) @abstractmethod def configure_spider(self, spider_config: collections.OrderedDict): - """ Configures a ZAP HTTP Spider with the given spider configuration, based on the running ZAP instance. - + """Configures a ZAP HTTP Spider with the given spider configuration, based on the running ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict @@ -97,8 +115,8 @@ def configure_spider(self, spider_config: collections.OrderedDict): @abstractmethod def start_spider(self, url: str, spider_config: collections.OrderedDict): - """ Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. - + """Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict @@ -134,7 +152,10 @@ def wait_until_spider_finished(self): This method also enforces the "maxDuration" limit of the spider, ZAP normally enforces it on its own, but there are cases where the spider has stalled and ZAP was unable to enforce it on its own. """ - if self.get_config.get_active_spider_config is not None and "maxDuration" in self.get_config.get_active_spider_config: + if ( + self.get_config.get_active_spider_config is not None + and "maxDuration" in self.get_config.get_active_spider_config + ): # convert to seconds max_duration = self.get_config.get_active_spider_config["maxDuration"] * 60 else: @@ -147,8 +168,12 @@ def wait_until_spider_finished(self): while self.check_if_spider_completed() is not True: time.sleep(1) wait_time += 1 - if max_duration is not None and wait_time > (max_duration + tolerance_duration): - logging.info("Spider has run over its configured maxDuration. Stopping Spider.") + if max_duration is not None and wait_time > ( + max_duration + tolerance_duration + ): + logging.info( + "Spider has run over its configured maxDuration. Stopping Spider." + ) self.stop_spider() break diff --git a/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_ajax.py b/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_ajax.py index 478c7742f8..cf982578c8 100644 --- a/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_ajax.py +++ b/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_ajax.py @@ -6,35 +6,36 @@ # -*- coding: utf-8 -*- -import time import collections import logging +import time from zapv2 import ZAPv2, ajaxSpider -from ..configuration.helpers import ZapConfigurationContextUsers from ..configuration import ZapConfiguration +from ..configuration.helpers import ZapConfigurationContextUsers from . import ZapConfigureSpider # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureSpiderAjax') +logging = logging.getLogger("ZapConfigureSpiderAjax") class ZapConfigureSpiderAjax(ZapConfigureSpider): """This class configures a ZAP Ajax Spider in a running ZAP instance, based on a ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -46,12 +47,12 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): @property def get_zap_spider(self) -> ajaxSpider: - """ Returns the ajax spider of the currently running ZAP instance.""" + """Returns the ajax spider of the currently running ZAP instance.""" return self.get_zap.ajaxSpider def start_spider(self, url: str, spider_config: collections.OrderedDict): - """ Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. - + """Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict @@ -70,9 +71,12 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): if spider_config is not None: if "url" in spider_config: - target = str(spider_config['url']) + target = str(spider_config["url"]) else: - logging.warning("The spider configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", url) + logging.warning( + "The spider configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", + url, + ) target = url # Configure Ajax Spider @@ -80,27 +84,46 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): # "Context" is an optional config for spider if "context" in spider_config: - context_name = str(spider_config['context']) + context_name = str(spider_config["context"]) spider_context_config = self.get_config.get_active_context_config # "User" is an optional config for spider in addition to the context if "user" in spider_config: # this lookup is required as name != username and the ajax spider needs the username user_name = ZapConfigurationContextUsers.get_context_user_by_name( - spider_context_config, - str(spider_config['user']) + spider_context_config, str(spider_config["user"]) )["username"] else: - logging.warning("No context 'context: XYZ' referenced within the spider config. This is ok but maybe not intended.") - - if (context_name is not None) and len(context_name) >= 0 and (user_name is not None) and len(user_name) >= 0: - logging.info('Starting Ajax Spider(target=%s) with Context(%s) and User(%s)', target, context_name, user_name) - result = self.get_zap_spider.scan_as_user(url=target, contextname=context_name, username=user_name) + logging.warning( + "No context 'context: XYZ' referenced within the spider config. This is ok but maybe not intended." + ) + + if ( + (context_name is not None) + and len(context_name) >= 0 + and (user_name is not None) + and len(user_name) >= 0 + ): + logging.info( + "Starting Ajax Spider(target=%s) with Context(%s) and User(%s)", + target, + context_name, + user_name, + ) + result = self.get_zap_spider.scan_as_user( + url=target, contextname=context_name, username=user_name + ) else: - logging.debug('Starting Ajax Spider(target=%s) with Context(%s)', target, context_name) + logging.debug( + "Starting Ajax Spider(target=%s) with Context(%s)", + target, + context_name, + ) result = self.get_zap_spider.scan(url=target, contextname=context_name) else: - logging.info("Starting Ajax Spider(target=%s) without any additinal Config!", url) + logging.info( + "Starting Ajax Spider(target=%s) without any additinal Config!", url + ) result = self.get_zap_spider.scan(url=url, contextname=None) if "OK" != str(result): @@ -115,71 +138,87 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): self.wait_until_spider_finished() def configure_spider(self, spider_config: collections.OrderedDict): - """ Configures a ZAP Ajax Spider with the given spider configuration, based on the running ZAP instance. - + """Configures a ZAP Ajax Spider with the given spider configuration, based on the running ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict The spider configuration based on ZapConfiguration. """ - logging.debug('Trying to configure the AjaxSpider') + logging.debug("Trying to configure the AjaxSpider") self.configure_scripts(config=spider_config) # Configure Spider (ajax or http) if self._is_not_empty_integer("maxDuration", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_duration(integer=str(spider_config['maxDuration'])), - method_name="set_option_max_duration" + result=self.get_zap_spider.set_option_max_duration( + integer=str(spider_config["maxDuration"]) + ), + method_name="set_option_max_duration", ) if self._is_not_empty_integer("maxDepth", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_crawl_depth(integer=str(spider_config['maxDepth'])), - method_name="set_option_max_crawl_depth" + result=self.get_zap_spider.set_option_max_crawl_depth( + integer=str(spider_config["maxDepth"]) + ), + method_name="set_option_max_crawl_depth", ) if self._is_not_empty_integer("maxStates", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_crawl_states(integer=str(spider_config['maxStates'])), - method_name="set_option_max_crawl_states" + result=self.get_zap_spider.set_option_max_crawl_states( + integer=str(spider_config["maxStates"]) + ), + method_name="set_option_max_crawl_states", ) if self._is_not_empty_string("browserId", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_browser_id(string=str(spider_config['browserId'])), - method_name="set_option_browser_id" + result=self.get_zap_spider.set_option_browser_id( + string=str(spider_config["browserId"]) + ), + method_name="set_option_browser_id", ) if self._is_not_empty_integer("browserCount", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_number_of_browsers(integer=str(spider_config['browserCount'])), - method_name="set_option_number_of_browsers" + result=self.get_zap_spider.set_option_number_of_browsers( + integer=str(spider_config["browserCount"]) + ), + method_name="set_option_number_of_browsers", ) if self._is_not_empty_integer("randomInputs", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_random_inputs(boolean=str(spider_config['randomInputs'])), - method_name="set_option_random_inputs" + result=self.get_zap_spider.set_option_random_inputs( + boolean=str(spider_config["randomInputs"]) + ), + method_name="set_option_random_inputs", ) def check_if_spider_completed(self): - finished = self.get_zap_spider.status != 'running' - logging.info('Ajax Spider running, found urls: %s', self.get_zap_spider.number_of_results) + finished = self.get_zap_spider.status != "running" + logging.info( + "Ajax Spider running, found urls: %s", self.get_zap_spider.number_of_results + ) return finished def print_spider_summary(self): """Method to print out a summary of the spider results""" - logging.info('Ajax Spider complete') + logging.info("Ajax Spider complete") # Print out a count of the number of urls num_urls = len(self.get_zap.core.urls()) if num_urls == 0: logging.error( - "No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container") + "No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container" + ) raise RuntimeError( - 'No URLs found by ZAP Spider :-( - is the target URL accessible? Local services may not be accessible from the Docker container') + "No URLs found by ZAP Spider :-( - is the target URL accessible? Local services may not be accessible from the Docker container" + ) else: logging.info("Ajax Spider found total: %s URLs", str(num_urls)) for url in self.get_zap_spider.results(): - logging.debug("URL: %s", url['requestHeader']) + logging.debug("URL: %s", url["requestHeader"]) def stop_spider(self): - self.get_zap_spider.stop() \ No newline at end of file + self.get_zap_spider.stop() diff --git a/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py b/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py index 4fe93985ea..71a528cc4f 100644 --- a/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py +++ b/scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py @@ -6,36 +6,37 @@ # -*- coding: utf-8 -*- -import time import collections import logging +import time from zapv2 import ZAPv2, spider from ..configuration import ZapConfiguration -from . import ZapConfigureSpider # set up logging to file - see previous section for more details from ..configuration.helpers import ZapConfigurationContextUsers +from . import ZapConfigureSpider logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapConfigureSpiderHttp') +logging = logging.getLogger("ZapConfigureSpiderHttp") class ZapConfigureSpiderHttp(ZapConfigureSpider): """This class configures a ZAP HTTP Spider in a running ZAP instance, based on a ZAP Configuration. - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -44,26 +45,26 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ self.__spider_id = -1 - + super().__init__(zap, config) @property def get_zap_spider(self) -> spider: - """ Returns the spider of the currently running ZAP instance.""" + """Returns the spider of the currently running ZAP instance.""" return self.get_zap.spider - + @property def get_spider_id(self) -> int: - """ Returns the spider id of the currently running ZAP instance.""" + """Returns the spider id of the currently running ZAP instance.""" return self.__spider_id - + def has_spider_id(self) -> bool: - """ Returns a spider is currently running in the ZAP instance.""" + """Returns a spider is currently running in the ZAP instance.""" return self.__spider_id > 0 - + def start_spider(self, url: str, spider_config: collections.OrderedDict): - """ Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. - + """Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict @@ -75,7 +76,7 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): target = "" # Clear all existing/previous spider data - logging.debug("Removing all pre existing spider scans.") + logging.debug("Removing all pre existing spider scans.") self.get_zap.spider.remove_all_scans() # Open first URL before the spider start's to crawl @@ -83,45 +84,68 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): if spider_config is not None: - if("url" in spider_config): - target = str(spider_config['url']) + if "url" in spider_config: + target = str(spider_config["url"]) else: - logging.warning("The spider configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", url) - target=url + logging.warning( + "The spider configuration section has no specific 'url' target defined, trying to use scanType target instead with url: '%s'", + url, + ) + target = url # Configure Spider Options if there are any self.configure_spider(spider_config) # "Context" is an optional config for spider if self._is_not_empty("context", spider_config): - - context_name = str(spider_config['context']) + + context_name = str(spider_config["context"]) spider_context_config = self.get_config.get_active_context_config - context_id = int(spider_context_config['id']) + context_id = int(spider_context_config["id"]) # "User" is an optional config for spider in addition to the context if self._is_not_empty("user", spider_config): - user_name = str(spider_config['user']) + user_name = str(spider_config["user"]) # search for the configured user by its user name in the active context user_id = ZapConfigurationContextUsers.get_context_user_by_name( - spider_context_config, - user_name + spider_context_config, user_name )["id"] else: - logging.warning("No context 'context: XYZ' referenced within the spider config. This is ok but maybe not intended.") + logging.warning( + "No context 'context: XYZ' referenced within the spider config. This is ok but maybe not intended." + ) logging.warning("context_id is currently: %s", context_id) logging.warning("user_id is currently: %s", user_id) - if (context_id is not None) and int(context_id) >= 0 and (user_id is not None) and int(user_id) >= 0: - logging.info("Starting 'traditional' Spider(target=%s) with Context(%s) and User(%s)", target, context_id, user_id) - result = self.get_zap_spider.scan_as_user(url=target, contextid=context_id, userid=user_id) + if ( + (context_id is not None) + and int(context_id) >= 0 + and (user_id is not None) + and int(user_id) >= 0 + ): + logging.info( + "Starting 'traditional' Spider(target=%s) with Context(%s) and User(%s)", + target, + context_id, + user_id, + ) + result = self.get_zap_spider.scan_as_user( + url=target, contextid=context_id, userid=user_id + ) else: - logging.info("Starting 'traditional' Spider(target=%s) with Context(%s)", target, context_name) + logging.info( + "Starting 'traditional' Spider(target=%s) with Context(%s)", + target, + context_name, + ) result = self.get_zap_spider.scan(url=target, contextname=context_name) else: - logging.info("Starting 'traditional' Spider(target=%s) without any additinal configuration!", url) + logging.info( + "Starting 'traditional' Spider(target=%s) without any additinal configuration!", + url, + ) result = self.get_zap_spider.scan(url=url, contextname=None) - + # Check if spider is running successfully if (not str(result).isdigit()) or int(result) < 0: logging.error("Spider couldn't be started due to errors: %s", result) @@ -133,112 +157,148 @@ def start_spider(self, url: str, spider_config: collections.OrderedDict): time.sleep(5) self.wait_until_spider_finished() - + def configure_spider(self, spider_config: collections.OrderedDict): - """ Configures a ZAP HTTP Spider with the given spider configuration, based on the running ZAP instance. - + """Configures a ZAP HTTP Spider with the given spider configuration, based on the running ZAP instance. + Parameters ---------- spider_config: collections.OrderedDict The spider configuration based on ZapConfiguration. """ - logging.debug('Trying to configure the Spider') + logging.debug("Trying to configure the Spider") self.configure_scripts(config=spider_config) - + # Configure Spider (ajax or http) - + if self._is_not_empty_integer("maxDuration", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_duration(integer=str(spider_config['maxDuration'])), - method_name="set_option_max_duration" + result=self.get_zap_spider.set_option_max_duration( + integer=str(spider_config["maxDuration"]) + ), + method_name="set_option_max_duration", ) if self._is_not_empty_integer("maxDepth", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_depth(integer=str(spider_config['maxDepth'])), - method_name="set_option_max_depth" + result=self.get_zap_spider.set_option_max_depth( + integer=str(spider_config["maxDepth"]) + ), + method_name="set_option_max_depth", ) if self._is_not_empty_integer("maxChildren", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_children(integer=str(spider_config['maxChildren'])), - method_name="set_option_max_children" + result=self.get_zap_spider.set_option_max_children( + integer=str(spider_config["maxChildren"]) + ), + method_name="set_option_max_children", ) if self._is_not_empty_integer("maxParseSizeBytes", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_max_parse_size_bytes(integer=str(spider_config['maxParseSizeBytes'])), - method_name="set_option_max_parse_size_bytes" + result=self.get_zap_spider.set_option_max_parse_size_bytes( + integer=str(spider_config["maxParseSizeBytes"]) + ), + method_name="set_option_max_parse_size_bytes", ) if self._is_not_empty_bool("acceptCookies", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_accept_cookies(boolean=str(spider_config['acceptCookies'])), - method_name="set_option_accept_cookies" + result=self.get_zap_spider.set_option_accept_cookies( + boolean=str(spider_config["acceptCookies"]) + ), + method_name="set_option_accept_cookies", ) if self._is_not_empty_bool("handleODataParametersVisited", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_handle_o_data_parameters_visited(boolean=str(spider_config['handleODataParametersVisited'])), - method_name="set_option_handle_o_data_parameters_visited" + result=self.get_zap_spider.set_option_handle_o_data_parameters_visited( + boolean=str(spider_config["handleODataParametersVisited"]) + ), + method_name="set_option_handle_o_data_parameters_visited", ) if self._is_not_empty_bool("handleParameters", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_handle_parameters(string=str(spider_config['handleParameters'])), - method_name="set_option_handle_parameters" + result=self.get_zap_spider.set_option_handle_parameters( + string=str(spider_config["handleParameters"]) + ), + method_name="set_option_handle_parameters", ) - + if self._is_not_empty_bool("parseComments", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_parse_comments(boolean=str(spider_config['parseComments'])), - method_name="set_option_parse_comments" + result=self.get_zap_spider.set_option_parse_comments( + boolean=str(spider_config["parseComments"]) + ), + method_name="set_option_parse_comments", ) if self._is_not_empty_bool("parseGit", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_parse_git(boolean=str(spider_config['parseGit'])), - method_name="set_option_parse_git" + result=self.get_zap_spider.set_option_parse_git( + boolean=str(spider_config["parseGit"]) + ), + method_name="set_option_parse_git", ) if self._is_not_empty_bool("parseRobotsTxt", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_parse_robots_txt(boolean=str(spider_config['parseRobotsTxt'])), - method_name="set_option_parse_robots_txt" + result=self.get_zap_spider.set_option_parse_robots_txt( + boolean=str(spider_config["parseRobotsTxt"]) + ), + method_name="set_option_parse_robots_txt", ) if self._is_not_empty_bool("parseSitemapXml", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_parse_sitemap_xml(boolean=str(spider_config['parseSitemapXml'])), - method_name="set_option_parse_sitemap_xml" + result=self.get_zap_spider.set_option_parse_sitemap_xml( + boolean=str(spider_config["parseSitemapXml"]) + ), + method_name="set_option_parse_sitemap_xml", ) if self._is_not_empty_bool("parseSVNEntries", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_parse_svn_entries(boolean=str(spider_config['parseSVNEntries'])), - method_name="set_option_parse_svn_entries" + result=self.get_zap_spider.set_option_parse_svn_entries( + boolean=str(spider_config["parseSVNEntries"]) + ), + method_name="set_option_parse_svn_entries", ) if self._is_not_empty_bool("postForm", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_post_form(boolean=str(spider_config['postForm'])), - method_name="set_option_post_form" + result=self.get_zap_spider.set_option_post_form( + boolean=str(spider_config["postForm"]) + ), + method_name="set_option_post_form", ) if self._is_not_empty_bool("processForm", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_process_form(boolean=str(spider_config['processForm'])), - method_name="set_option_process_form" + result=self.get_zap_spider.set_option_process_form( + boolean=str(spider_config["processForm"]) + ), + method_name="set_option_process_form", ) - + if self._is_not_empty_integer("requestWaitTime", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_request_wait_time(integer=str(spider_config['requestWaitTime'])), - method_name="set_option_request_wait_time" + result=self.get_zap_spider.set_option_request_wait_time( + integer=str(spider_config["requestWaitTime"]) + ), + method_name="set_option_request_wait_time", ) if self._is_not_empty_bool("sendRefererHeader", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_send_referer_header(boolean=str(spider_config['sendRefererHeader'])), - method_name="set_option_send_referer_header" + result=self.get_zap_spider.set_option_send_referer_header( + boolean=str(spider_config["sendRefererHeader"]) + ), + method_name="set_option_send_referer_header", ) if self._is_not_empty_integer("threadCount", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_thread_count(integer=str(spider_config['threadCount'])), - method_name="set_option_thread_count" + result=self.get_zap_spider.set_option_thread_count( + integer=str(spider_config["threadCount"]) + ), + method_name="set_option_thread_count", ) if self._is_not_empty_string("userAgent", spider_config): self.check_zap_result( - result=self.get_zap_spider.set_option_user_agent(string=str(spider_config['userAgent'])), - method_name="set_option_user_agent" + result=self.get_zap_spider.set_option_user_agent( + string=str(spider_config["userAgent"]) + ), + method_name="set_option_user_agent", ) def check_if_spider_completed(self): @@ -252,12 +312,20 @@ def print_spider_summary(self): num_urls = len(self.get_zap.core.urls()) if num_urls == 0: - logging.error("No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container.") - raise RuntimeError('No URLs found by ZAP Spider :-( - is the target URL accessible? Local services may not be accessible from the Docker container.') + logging.error( + "No URLs found - is the target URL accessible? Local services may not be accessible from the Docker container." + ) + raise RuntimeError( + "No URLs found by ZAP Spider :-( - is the target URL accessible? Local services may not be accessible from the Docker container." + ) else: for url in self.get_zap_spider.results(scanid=self.get_spider_id): logging.info("Spidered URL: %s", url) - logging.info("Spider(%s) found total: %s URLs", str(self.get_spider_id), str(num_urls)) + logging.info( + "Spider(%s) found total: %s URLs", + str(self.get_spider_id), + str(num_urls), + ) def stop_spider(self): self.get_zap_spider.stop() diff --git a/scanners/zap-advanced/scanner/zapclient/zap_abstract_client.py b/scanners/zap-advanced/scanner/zapclient/zap_abstract_client.py index 75d40b3d8b..dbdc921f49 100644 --- a/scanners/zap-advanced/scanner/zapclient/zap_abstract_client.py +++ b/scanners/zap-advanced/scanner/zapclient/zap_abstract_client.py @@ -8,8 +8,8 @@ import collections import logging - from abc import ABC, abstractmethod + from zapv2 import ZAPv2 from .configuration import ZapConfiguration @@ -17,17 +17,19 @@ # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) + +logging = logging.getLogger("ZapClient") -logging = logging.getLogger('ZapClient') class ZapClient(ABC): """This abstract class configures a ZAP Client using in a running ZAP instance.""" def __init__(self, zap: ZAPv2, config: ZapConfiguration): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -35,23 +37,25 @@ def __init__(self, zap: ZAPv2, config: ZapConfiguration): config : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - + self.__zap = zap self.__config = config - + @property def get_config(self) -> ZapConfiguration: - """ Returns the complete config of the currently running ZAP instance. """ + """Returns the complete config of the currently running ZAP instance.""" return self.__config @property def get_zap(self) -> ZAPv2: - """ Returns the currently running ZAP instance. """ + """Returns the currently running ZAP instance.""" return self.__zap - - def check_zap_result(self, result: str, method_name: str, exception_message=None) -> bool: - """ Checks the given result for ZAP API Call for errors and logs a warning messages if there are errors returened by ZAP. - + + def check_zap_result( + self, result: str, method_name: str, exception_message=None + ) -> bool: + """Checks the given result for ZAP API Call for errors and logs a warning messages if there are errors returened by ZAP. + Parameters ---------- result: str @@ -63,23 +67,31 @@ def check_zap_result(self, result: str, method_name: str, exception_message=None """ __result = False - + if "OK" != result: __result = False - if(exception_message is not None): + if exception_message is not None: logging.error(exception_message) raise Exception(exception_message) else: - logging.warning("Failed to call ZAP Method ['%s'], result is: '%s'", method_name, result) + logging.warning( + "Failed to call ZAP Method ['%s'], result is: '%s'", + method_name, + result, + ) else: - logging.debug("Successfull called ZAP Method ['%s'], result is: '%s'", method_name, result) + logging.debug( + "Successful called ZAP Method ['%s'], result is: '%s'", + method_name, + result, + ) __result = True return __result - + def configure_scripts(self, config: collections.OrderedDict): """Private method to configure the script settings, based on the configuration settings.""" - + if self._is_not_empty("scripts", config): self._log_all_scripts() for script in config["scripts"]: @@ -89,88 +101,137 @@ def configure_scripts(self, config: collections.OrderedDict): else: logging.debug("No Scripts found to configure.") - def _configure_load_script(self, script_config: collections.OrderedDict, script_type: str): + def _configure_load_script( + self, script_config: collections.OrderedDict, script_type: str + ): """Protected method to load a new ZAP Script based on a given ZAP config. - + Parameters ---------- script_config : collections.OrderedDict The current 'script' configuration object containing the ZAP script configuration (based on the class ZapConfiguration). """ - + if self._is_not_empty("name", script_config): # Set default to script_type if it is defined - if(script_type is not None and isinstance(script_type, str) and len(script_type) > 0 ): + if ( + script_type is not None + and isinstance(script_type, str) + and len(script_type) > 0 + ): script_config["type"] = script_type # Only try to add new scripts if the definition contains all nessesary config options, otherwise try to only activate/deactivate a given script name - if("filePath" in script_config and "engine" in script_config and "type" in script_config): + if ( + "filePath" in script_config + and "engine" in script_config + and "type" in script_config + ): # Remove existing Script, if already pre-existing - logging.debug("Trying to remove pre-existing Script '%s' at '%s'", script_config["name"], script_config["filePath"]) + logging.debug( + "Trying to remove pre-existing Script '%s' at '%s'", + script_config["name"], + script_config["filePath"], + ) self.get_zap.script.remove(scriptname=script_config["name"]) # Add Script again - logging.info("Loading new Script '%s' at '%s' with type: '%s' and engine '%s'", script_config["name"], script_config["filePath"], script_config["type"], script_config["engine"]) + logging.info( + "Loading new Script '%s' at '%s' with type: '%s' and engine '%s'", + script_config["name"], + script_config["filePath"], + script_config["type"], + script_config["engine"], + ) self.check_zap_result( result=self.get_zap.script.load( - scriptname=script_config["name"], - scripttype=script_config["type"], - scriptengine=script_config["engine"], - filename=script_config["filePath"], - scriptdescription=script_config["description"]), + scriptname=script_config["name"], + scripttype=script_config["type"], + scriptengine=script_config["engine"], + filename=script_config["filePath"], + scriptdescription=script_config["description"], + ), method_name="script.load", - exception_message="The script couldn't be loaded due to errors!" + exception_message="The script couldn't be loaded due to errors!", ) # Set default to: True - if(not self._is_not_empty("enabled", script_config)): + if not self._is_not_empty("enabled", script_config): script_config["enabled"] = True - - logging.info("Activating Script '%s' with 'enabled: %s'", script_config["name"], str(script_config["enabled"]).lower()) - if(script_config["enabled"]): + + logging.info( + "Activating Script '%s' with 'enabled: %s'", + script_config["name"], + str(script_config["enabled"]).lower(), + ) + if script_config["enabled"]: self.check_zap_result( result=self.get_zap.script.enable(scriptname=script_config["name"]), - method_name="script.enable" + method_name="script.enable", ) else: self.check_zap_result( - result=self.get_zap.script.disable(scriptname=script_config["name"]), - method_name="script.disable" + result=self.get_zap.script.disable( + scriptname=script_config["name"] + ), + method_name="script.disable", ) else: - logging.warning("Important script configs (name, type, filePath, engine) are missing! Ignoring the script configuration. Please check your YAML configuration.") + logging.warning( + "Important script configs (name, type, filePath, engine) are missing! Ignoring the script configuration. Please check your YAML configuration." + ) def _log_all_scripts(self): """Protected method to log all currently configured ZAP Scripts.""" - + for scripts in self.get_zap.script.list_scripts: logging.debug(scripts) - + def _is_not_empty(self, item_name: str, config: collections.OrderedDict) -> bool: """Return True if the item with the name 'item_name' is exisiting and not None, otherwise false.""" result = False - if config is not None and item_name in config and (config[item_name] is not None): + if ( + config is not None + and item_name in config + and (config[item_name] is not None) + ): result = True return result - def _is_not_empty_integer(self, item_name: str, config: collections.OrderedDict) -> bool: + def _is_not_empty_integer( + self, item_name: str, config: collections.OrderedDict + ) -> bool: """Return True if the item with the name 'item_name' is exisiting and a valid integer >= 0, otherwise false.""" result = False - if self._is_not_empty(item_name, config) and isinstance(config[item_name], int) and config[item_name] >= 0: + if ( + self._is_not_empty(item_name, config) + and isinstance(config[item_name], int) + and config[item_name] >= 0 + ): result = True return result - - def _is_not_empty_string(self, item_name: str, config: collections.OrderedDict) -> bool: + + def _is_not_empty_string( + self, item_name: str, config: collections.OrderedDict + ) -> bool: """Return True if the item with the name 'item_name' is exisiting and a valid string with len() >= 0, otherwise false.""" result = False - if self._is_not_empty(item_name, config) and isinstance(config[item_name], str) and len(config[item_name]) > 0: + if ( + self._is_not_empty(item_name, config) + and isinstance(config[item_name], str) + and len(config[item_name]) > 0 + ): result = True return result - - def _is_not_empty_bool(self, item_name: str, config: collections.OrderedDict) -> bool: + + def _is_not_empty_bool( + self, item_name: str, config: collections.OrderedDict + ) -> bool: """Return True if the item with the name 'item_name' is exisiting and a valid bool, otherwise false.""" result = False - if self._is_not_empty(item_name, config) and isinstance(config[item_name], bool): + if self._is_not_empty(item_name, config) and isinstance( + config[item_name], bool + ): result = True - return result \ No newline at end of file + return result diff --git a/scanners/zap-advanced/scanner/zapclient/zap_automation.py b/scanners/zap-advanced/scanner/zapclient/zap_automation.py index 47141ad356..a52eec1859 100644 --- a/scanners/zap-advanced/scanner/zapclient/zap_automation.py +++ b/scanners/zap-advanced/scanner/zapclient/zap_automation.py @@ -6,39 +6,42 @@ # -*- coding: utf-8 -*- +import errno import logging import time -import errno - from pathlib import Path + from zapv2 import ZAPv2 +from .api import ZapConfigureApi from .configuration import ZapConfiguration -from .settings import ZapConfigureSettings from .context import ZapConfigureContext -from .api import ZapConfigureApi -from .spider import ZapConfigureSpider, ZapConfigureSpiderHttp, ZapConfigureSpiderAjax from .scanner import ZapConfigureActiveScanner +from .settings import ZapConfigureSettings +from .spider import ZapConfigureSpider, ZapConfigureSpiderAjax, ZapConfigureSpiderHttp # set up logging to file - see previous section for more details logging.basicConfig( level=logging.INFO, - format='%(asctime)s %(name)-12s %(levelname)-8s: %(message)s', - datefmt='%Y-%m-%d %H:%M') + format="%(asctime)s %(name)-12s %(levelname)-8s: %(message)s", + datefmt="%Y-%m-%d %H:%M", +) -logging = logging.getLogger('ZapClient') +logging = logging.getLogger("ZapClient") class ZapAutomation: """This class configures running ZAP instance - + Based on this opensource ZAP Python example: - https://github.com/zaproxy/zap-api-python/blob/9bab9bf1862df389a32aab15ea4a910551ba5bfc/src/examples/zap_example_api_script.py """ - def __init__(self, zap: ZAPv2, config_dir: str, target: str, forced_context: str = None): + def __init__( + self, zap: ZAPv2, config_dir: str, target: str, forced_context: str = None + ): """Initial constructor used for this class - + Parameters ---------- zap : ZAPv2 @@ -46,14 +49,16 @@ def __init__(self, zap: ZAPv2, config_dir: str, target: str, forced_context: str config_dir : ZapConfiguration The configuration object containing all ZAP configs (based on the class ZapConfiguration). """ - + self.__zap = zap self.__config_dir = config_dir - self.__config = ZapConfiguration(self.__config_dir, target, forced_context = forced_context) + self.__config = ZapConfiguration( + self.__config_dir, target, forced_context=forced_context + ) self.__zap_scanner = None - + @property def get_configuration(self) -> ZapConfiguration: return self.__config @@ -65,19 +70,19 @@ def get_zap_scanner(self) -> ZapConfigureActiveScanner: def scan_target(self, target: str): # Wait at least 3 minutes for ZAP to start self.wait_for_zap_start(3 * 60) - - logging.info('Configuring ZAP Global') + + logging.info("Configuring ZAP Global") if self.get_configuration.has_global_configurations: # Starting to configure the ZAP Instance based on the given Configuration zap_settings = ZapConfigureSettings(self.__zap, self.__config) zap_settings.configure() else: logging.info("No ZAP global settings specific YAML configuration found.") - + self.zap_tune(target) # self.zap_access_target(target) - logging.info('Configuring ZAP Context') + logging.info("Configuring ZAP Context") # Starting to configure the ZAP Instance based on the given Configuration if self.get_configuration.get_active_context_config is not None: zap_context = ZapConfigureContext(self.__zap, self.__config) @@ -90,56 +95,64 @@ def scan_target(self, target: str): self.__start_scanner(target) def __start_api_import(self, target: str): - logging.info('Configuring API Import') + logging.info("Configuring API Import") # Starting to configure the ZAP Instance based on the given Configuration if self.get_configuration.get_active_api_config is not None: zap_api = ZapConfigureApi(self.__zap, self.__config) zap_api.start_api_import( target, self.get_configuration.get_active_context_config, - self.get_configuration.get_active_api_config + self.get_configuration.get_active_api_config, ) - # Wait for ZAP to update the internal caches + # Wait for ZAP to update the internal caches time.sleep(5) else: logging.info("No ZAP API specific YAML configuration found.") def __start_spider(self, target: str): - logging.info('Starting ZAP Spider with target %s', target) + logging.info("Starting ZAP Spider with target %s", target) # if a ZAP Configuration is defined start to configure the running ZAP instance (`zap`) if self.get_configuration.get_active_spider_config is not None: # Starting to configure the ZAP Spider Instance based on the given Configuration zap_spider = ZapConfigureSpiderHttp(zap=self.__zap, config=self.__config) zap_spider.start_spider_by_url(target) - # Wait for ZAP to update the internal caches + # Wait for ZAP to update the internal caches time.sleep(5) - # Additionaly start the ZAP Ajax Spider if enabled + # Additionally start the ZAP Ajax Spider if enabled if zap_spider.is_ajax_spider_enabled(): - zap_spider = ZapConfigureSpiderAjax(zap=self.__zap, config=self.__config) + zap_spider = ZapConfigureSpiderAjax( + zap=self.__zap, config=self.__config + ) zap_spider.start_spider_by_url(target) - # Wait for ZAP to update the internal caches + # Wait for ZAP to update the internal caches time.sleep(5) else: logging.info("No ZAP AjaxSpider specific YAML configuration found.") - + else: - logging.info("No ZAP Spider specific YAML configuration found. Stating spider without any configuration.") + logging.info( + "No ZAP Spider specific YAML configuration found. Stating spider without any configuration." + ) zap_spider = ZapConfigureSpiderHttp(zap=self.__zap, config=self.__config) zap_spider.start_spider_by_url(target) def __start_scanner(self, target: str): # if a ZAP Configuration is defined start to configure the running ZAP instance (`zap`) if self.get_configuration.get_active_scanner_config is not None: - logging.info('Starting ZAP Scanner with target %s', target) + logging.info("Starting ZAP Scanner with target %s", target) else: - logging.info("No ZAP Scanner specific YAML configuration found. Stating Active Scanner without any configuration.") - + logging.info( + "No ZAP Scanner specific YAML configuration found. Stating Active Scanner without any configuration." + ) + # Starting to configure the ZAP Instance based on the given Configuration - self.__zap_scanner = ZapConfigureActiveScanner(zap=self.__zap, config=self.__config) + self.__zap_scanner = ZapConfigureActiveScanner( + zap=self.__zap, config=self.__config + ) # Search for the corresponding context based on the given targetUrl which should correspond to defined the spider url self.__zap_scanner.start_scan_by_url(target) @@ -154,12 +167,19 @@ def get_report_template_for_file_type(self, file_type: str): return "traditional-md" else: raise RuntimeError( - "Report file type: '" + file_type + "' hasn't been implemented. Available: XML, JSON, HTML or MD") + "Report file type: '" + + file_type + + "' hasn't been implemented. Available: XML, JSON, HTML or MD" + ) def generate_report_file(self, file_path: str, report_type: str): # To retrieve ZAP report in XML or HTML format - logging.info("Creating a new ZAP Report file with type '%s' at location: '%s'", report_type, file_path) - + logging.info( + "Creating a new ZAP Report file with type '%s' at location: '%s'", + report_type, + file_path, + ) + if report_type is None: report_type = "XML" @@ -169,10 +189,10 @@ def generate_report_file(self, file_path: str, report_type: str): template=self.get_report_template_for_file_type(report_type), reportdir=file_path, contexts=self.__config.get_active_context_config["name"], - reportfilename=report_file + reportfilename=report_file, ) - - def wait_for_zap_start(self, timeout_in_secs = 600): + + def wait_for_zap_start(self, timeout_in_secs=600): version = None if not timeout_in_secs: # if ZAP doesn't start in 10 mins then its probably not going to start @@ -181,39 +201,47 @@ def wait_for_zap_start(self, timeout_in_secs = 600): for x in range(0, timeout_in_secs): try: version = self.__zap.core.version - logging.debug('ZAP Version ' + version) - logging.debug('Took ' + str(x) + ' seconds') + logging.debug("ZAP Version " + version) + logging.debug("Took " + str(x) + " seconds") break except IOError: time.sleep(1) if not version: raise IOError( - errno.EIO, - 'Failed to connect to ZAP after {0} seconds'.format(timeout_in_secs)) + errno.EIO, + "Failed to connect to ZAP after {0} seconds".format(timeout_in_secs), + ) - def zap_access_target(self, target:str): + def zap_access_target(self, target: str): logging.info("Testing ZAP Access to target URL: %s", target) - + res = self.__zap.urlopen(target) if res.startswith("ZAP Error"): - raise IOError(errno.EIO, 'ZAP failed to access: {0}'.format(target)) + raise IOError(errno.EIO, "ZAP failed to access: {0}".format(target)) - def zap_tune(self, target:str): - logging.debug('Tune') - logging.debug('Disable all tags') + def zap_tune(self, target: str): + logging.debug("Tune") + logging.debug("Disable all tags") self.__zap.pscan.disable_all_tags() - logging.debug('Set max pscan alerts') + logging.debug("Set max pscan alerts") self.__zap.pscan.set_max_alerts_per_rule(10) - if self.get_configuration.get_active_context_config is not None and "includePaths" not in self.get_configuration.get_active_context_config: - logging.debug("Ensure the target is included in the active context by adding '%s.*' to the includePaths", target) + if ( + self.get_configuration.get_active_context_config is not None + and "includePaths" not in self.get_configuration.get_active_context_config + ): + logging.debug( + "Ensure the target is included in the active context by adding '%s.*' to the includePaths", + target, + ) self.get_configuration.get_active_context_config["includePaths"] = [] - self.get_configuration.get_active_context_config["includePaths"].append(target + ".*") + self.get_configuration.get_active_context_config["includePaths"].append( + target + ".*" + ) def zap_shutdown(self): - """ This shutdown ZAP and prints out ZAP Scanning stats before shutting down. - """ - + """This shutdown ZAP and prints out ZAP Scanning stats before shutting down.""" + logging.info(":: Show all Statistics") stats = self.__zap.stats.all_sites_stats() logging.info(stats) diff --git a/scanners/zap-advanced/values.yaml b/scanners/zap-advanced/values.yaml index a2d7f7a1dd..7abe5750a5 100644 --- a/scanners/zap-advanced/values.yaml +++ b/scanners/zap-advanced/values.yaml @@ -100,7 +100,7 @@ scanner: drop: # scanner.securityContext.capabilities.drop[0] -- This drops all linux privileges from the container. - all - + # scanner.affinity -- Optional affinity settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) affinity: {} @@ -156,8 +156,9 @@ zapContainer: # scanner.securityContext.capabilities.drop[0] -- This drops all linux privileges from the container. - all -# -- All `scanType` specific configuration options. Feel free to add more configuration options. All configuration options can be overriden by scan specific configurations if defined. Please have a look into the README.md to find more configuration options. -zapConfiguration: {} +# -- All `scanType` specific configuration options. Feel free to add more configuration options. All configuration options can be overridden by scan specific configurations if defined. Please have a look into the README.md to find more configuration options. +zapConfiguration: + {} # # -- Optional general ZAP Configurations settings. # global: # # -- The ZAP internal Session name. Default: secureCodeBox diff --git a/scanners/zap/examples/demo-bodgeit-baseline-scan/findings.yaml b/scanners/zap/examples/demo-bodgeit-baseline-scan/findings.yaml index 2db7f8e8dc..bee66e732d 100644 --- a/scanners/zap/examples/demo-bodgeit-baseline-scan/findings.yaml +++ b/scanners/zap/examples/demo-bodgeit-baseline-scan/findings.yaml @@ -3,1345 +3,1385 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page β€” covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "298", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: \"Content-Security-Policy\" for Chrome 25+, Firefox 23+ and Safari 7+, \"X-Content-Security-Policy\" for Firefox 4.0+ and Internet Explorer 10+, and \"X-WebKit-CSP\" for Chrome 14+ and Safari 6+.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttp://www.w3.org/TR/CSP/http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlhttp://www.html5rocks.com/en/tutorials/security/content-security-policy/http://caniuse.com/#feat=contentsecuritypolicyhttp://content-security-policy.com/", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/valve.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/panel.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/loader.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/connectors.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/HelloWorldSimpleTag.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/apr.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/introduction.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/listeners.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", - "method": "POST" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestParamExample", - "method": "POST" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/textRotate.jspx.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/helloworld.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/security-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jasper-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/config.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-interceptor.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/index.html", - "method": "GET" - } - ] - }, - "id": "7e32d4f4-97e2-4d72-8aaf-cd3170096b85" - }, - { - "name": "X-Frame-Options Header Not Set", - "description": "X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.", - "category": "X-Frame-Options Header Not Set", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "280", - "zap_solution": "Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10020", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/mbean-names.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/faq.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/automatic-deployment.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/hello.jsp", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.jsp.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/index.xhtml", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/cluster-howto.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/simpletag/foo.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/Functions.java.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.jsp", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/interceptors.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-jndi-realm.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/dates/date.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestHeaderExample", - "method": "GET", - "param": "X-Frame-Options" - } - ] - }, - "id": "81e0f441-e995-415e-a2fb-3888029538d3" - }, - { - "name": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "description": "The web/application server is leaking version information via the \"Server\" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.", - "category": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "3", - "zap_count": "337", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to suppress the \"Server\" header or provide generic details.", - "zap_otherinfo": null, - "zap_reference": "http://httpd.apache.org/docs/current/mod/core.html#servertokenshttp://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspxhttp://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10036", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal2.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/index.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/book.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-comparisons.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/http.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/developers.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/maven-jars.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/service.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/mbeans-descriptors-howto.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/chat.xhtml", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/catalina/Host.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/foreach.jsp", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-objects.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - } - ] - }, - "id": "bbd6f2df-c5b0-4f0e-aeed-11936f32b826" - }, - { - "name": "Timestamp Disclosure - Unix", - "description": "A timestamp was disclosed by the application/web server - Unix", - "category": "Timestamp Disclosure - Unix", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "51", - "zap_solution": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", - "zap_otherinfo": "0000000039, which evaluates to: 1970-01-01 00:00:39", - "zap_reference": "http://projects.webappsec.org/w/page/13246936/Information%20Leakage", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10096", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000039" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000008" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000014963" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000018373" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", - "method": "GET", - "evidence": "20100101" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000018" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000005503" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000026" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000015294" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000016347" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000002280" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000043589" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000015448" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000007734" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000010013" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/manager-howto.html", - "method": "GET", - "evidence": "46800300" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000005214" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000043442" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000005368" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000301" - } - ] - }, - "id": "322a8f55-aac1-4e2b-8ef5-1da7c9f89497" - }, - { - "name": "Reverse Tabnabbing", - "description": "At least one link on this page is vulnerable to Reverse tabnabbing as it uses a target attribute without using both of the \"noopener\" and \"noreferrer\" keywords in the \"rel\" attribute, which allows the target page to take control of this page.", - "category": "Reverse Tabnabbing", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "102", - "zap_solution": "Do not use a target attribute, or if you have to then also add the attribute: rel=\"noopener noreferrer\".", - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/www-community/attacks/Reverse_Tabnabbinghttps://dev.to/ben/the-targetblank-vulnerability-by-examplehttps://mathiasbynens.github.io/rel-noopener/https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerability-ever-96e328301f4c", - "zap_cweid": null, - "zap_wascid": null, - "zap_riskcode": "2", - "zap_pluginid": "10108", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/virtual-hosting-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-valve.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/windows-service-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-manager.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/apr.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/connectors.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/security-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-channel.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jasper-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/transport.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/status.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/processes.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/realm.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/index.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/building.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/introduction.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/systemprops.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/membership.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-deployer.html", - "method": "GET", - "evidence": "\"The" - } - ] - }, - "id": "3c92d43d-c321-47bc-a75d-8823cb69a4b9" - }, - { - "name": "X-Content-Type-Options Header Missing", - "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", - "category": "X-Content-Type-Options Header Missing", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "316", - "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scanner will not alert on client or server error responses.", - "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspxhttps://owasp.org/www-community/Security_Headers", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10021", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/automatic-deployment.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/mbean-names.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/tomcat.png", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/images/asf-feather.png", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/introduction.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/faq.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/servletapi/index.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/dynamicattrs.jsp.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/building.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.jsp.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/code.gif", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-receiver.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/deployer-howto.html", - "method": "GET", - "param": "X-Content-Type-Options" - } - ] - }, - "id": "8843596f-ab70-4385-ad6d-604677c9014f" - }, - { - "name": "Absence of Anti-CSRF Tokens", - "description": "No Anti-CSRF tokens were found in a HTML submission form.A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site.CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.", - "category": "Absence of Anti-CSRF Tokens", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "29", - "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", - "zap_otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret] was found in the following HTML form: [Form 1: \"guess\" ].", - "zap_reference": "http://projects.webappsec.org/Cross-Site-Request-Forgeryhttp://cwe.mitre.org/data/definitions/352.html", - "zap_cweid": "352", - "zap_wascid": "9", - "zap_riskcode": "1", - "zap_pluginid": "10202", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp", - "method": "GET", - "evidence": "
" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample?dataname=foo&datavalue=bar", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal1.jsp?action=Submit&email=ZAP&name=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample?dataname=ZAP&datavalue=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/check.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/error.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=add", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestParamExample", - "method": "POST", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp?foo=JSP+2.0", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/nonblocking/bytecounter.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/login.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp?guess=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=remove", - "method": "GET", - "evidence": "" - } - ] - }, - "id": "7e0751eb-ae31-4686-b0b5-53df0e00ea4b" - }, - { - "name": "User Controllable HTML Element Attribute (Potential XSS)", - "description": "This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.", - "category": "User Controllable HTML Element Attribute (Potential XSS)", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "7", - "zap_solution": "Validate all input and sanitize output it before writing to any HTML attributes.", - "zap_otherinfo": "User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Hint&color1=ZAP&color2=ZAPappears to include user input in: a(n) [input] tag [value] attribute The user input found was:action=HintThe user-controlled value was:hint", - "zap_reference": "http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute", - "zap_cweid": "20", - "zap_wascid": "20", - "zap_riskcode": "0", - "zap_pluginid": "10031", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Hint&color1=ZAP&color2=ZAP", - "method": "GET", - "param": "action" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Submit&color1=ZAP&color2=ZAP", - "method": "GET", - "param": "action" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp?foo=JSP+2.0", - "method": "GET", - "param": "foo" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", - "method": "GET", - "param": "foo" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=remove", - "method": "GET", - "param": "submit" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Submit&color1=ZAP&color2=ZAP", - "method": "GET", - "param": "action" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=add", - "method": "GET", - "param": "submit" - } - ] - }, - "id": "1139b86b-5eb2-4ef9-b5f3-24beeedafbf2" - }, - { - "name": "Private IP Disclosure", - "description": "A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.", - "category": "Private IP Disclosure", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "4", - "zap_solution": "Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.", - "zap_otherinfo": "10.1.20.26", - "zap_reference": "https://tools.ietf.org/html/rfc1918", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "2", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestInfoExample", - "method": "GET", - "evidence": "10.1.20.26" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", - "method": "GET", - "evidence": "10.1.20.26" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", - "method": "GET", - "evidence": "192.168.0.10" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/monitoring.html", - "method": "GET", - "evidence": "192.168.1.75" - } - ] - }, - "id": "32b8e793-7258-4e6b-bc60-f13ab05dc489" - }, - { - "name": "Application Error Disclosure", - "description": "This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.", - "category": "Application Error Disclosure", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "5", - "zap_solution": "Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.", - "zap_otherinfo": null, - "zap_reference": null, - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "2", - "zap_pluginid": "90022", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-resources-howto.html", - "method": "GET", - "evidence": "JDBC Driver" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/manager-howto.html", - "method": "GET", - "evidence": "java.lang.NumberFormatException: For input string:" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-datasource-examples-howto.html", - "method": "GET", - "evidence": "JDBC Driver" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/listeners.html", - "method": "GET", - "evidence": "JDBC Driver" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/valve.html", - "method": "GET", - "evidence": "Error Report" - } - ] - }, - "id": "13184616-ff12-4785-8c31-1c9d9d11942a" - }, - { - "name": "Modern Web Application", - "description": "The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.", - "category": "Modern Web Application", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "4", - "zap_solution": "This is an informational alert and so no changes are required.", - "zap_otherinfo": "No links have been found while there are scripts, which is an indication that this is a modern web application.", - "zap_reference": null, - "zap_cweid": null, - "zap_wascid": null, - "zap_riskcode": "0", - "zap_pluginid": "10109", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/drawboard.xhtml", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/snake.xhtml", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/chat.xhtml", - "method": "GET", - "evidence": "" - } - ] - }, - "id": "d6dc3899-b3fc-46cd-b544-590badef18fc" - }, - { - "name": "Weak Authentication Method", - "description": "HTTP basic or digest authentication has been used over an unsecured connection. The credentials can be read and then reused by someone with access to the network.", - "category": "Weak Authentication Method", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "3", - "zap_solution": "Protect the connection using HTTPS or use a stronger authentication mechanism", - "zap_otherinfo": null, - "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html", - "zap_cweid": "326", - "zap_wascid": "4", - "zap_riskcode": "2", - "zap_pluginid": "10105", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/manager/html", - "method": "GET", - "evidence": "WWW-Authenticate: Basic realm=\"Tomcat Manager Application\"" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/manager/status", - "method": "GET", - "evidence": "WWW-Authenticate: Basic realm=\"Tomcat Manager Application\"" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/host-manager/html", - "method": "GET", - "evidence": "WWW-Authenticate: Basic realm=\"Tomcat Host Manager Application\"" - } - ] - }, - "id": "ed7e142a-ea90-4cff-9bfa-214eb99fdf91" - }, - { - "name": "Content-Type Header Missing", - "description": "The Content-Type header was either missing or empty.", - "category": "Content-Type Header Missing", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Ensure each page is setting the specific and appropriate content-type value for the content being delivered.", - "zap_otherinfo": null, - "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx", - "zap_cweid": "345", - "zap_wascid": "12", - "zap_riskcode": "0", - "zap_pluginid": "10019", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/sample/sample.war", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/async/async2", - "method": "GET" - } - ] - }, - "id": "e56b88b8-68cd-4b11-b826-208126850a87" - }, - { - "name": "Cookie Without SameSite Attribute", - "description": "A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.", - "category": "Cookie Without SameSite Attribute", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "4", - "zap_solution": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", - "zap_otherinfo": null, - "zap_reference": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site", - "zap_cweid": "16", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10054", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", - "method": "GET", - "param": "JSESSIONID", - "evidence": "Set-Cookie: JSESSIONID" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp", - "method": "GET", - "param": "JSESSIONID", - "evidence": "Set-Cookie: JSESSIONID" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-comparisons.jsp", - "method": "GET", - "param": "JSESSIONID", - "evidence": "Set-Cookie: JSESSIONID" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "param": "ZAP", - "evidence": "Set-Cookie: ZAP" - } - ] - }, - "id": "fcbdde04-17da-482c-9c68-e9a3b8cdf1fb" - }, - { - "name": "Cookie Poisoning", - "description": "This check looks at user-supplied input in query string parameters and POST data to identify where cookie parameters might be controlled. This is called a cookie poisoning attack, and becomes exploitable when an attacker can manipulate the cookie in various ways. In some cases this will not be exploitable, however, allowing URL parameters to set cookie values is generally considered a bug.", - "category": "Cookie Poisoning", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "2", - "zap_solution": "Do not allow user input to control cookie names and values. If some query string parameters must be set in cookie values, be sure to filter out semicolon's that can serve as name/value pair delimiters.", - "zap_otherinfo": "An attacker may be able to poison cookie values through POST parameters. To test if this is a more serious issue, you should try resending that request as a GET, with the POST parameter included as a query string parameter. For example: http://nottrusted.com/page?value=maliciousInput.This was identified at:http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExampleUser-input was found in the following cookie:ZAP=ZAP; Path=/examples/The user input was:cookievalue=ZAP", - "zap_reference": "http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-cookie", - "zap_cweid": "20", - "zap_wascid": "20", - "zap_riskcode": "0", - "zap_pluginid": "10029", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "param": "cookievalue" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "param": "cookiename" - } - ] - }, - "id": "f548884e-276e-4631-a32d-1ee3a803e031" - }, - { - "name": "Information Disclosure - Suspicious Comments", - "description": "The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.", - "category": "Information Disclosure - Suspicious Comments", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "5", - "zap_solution": "Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.", - "zap_otherinfo": "The following comment/snippet was identified via the pattern: \\bADMIN\\b \"use strict\"; // Enable strict mode (function() { var thisScript = document.currentScript; if (!thisScript) { // Workaround for IE var scripts = document.getElementsByTagName(\"script\"); thisScript = scripts[scripts.length - 1]; } document.addEventListener(\"DOMContentLoaded\", (function() { var commentsDiv = document.getElementById(\"comments_thread\"); var commentsShortname = \"tomcat\"; var commentsIdentifier = \"http://tomcat.apache.org/\" + thisScript.getAttribute(\"data-comments-identifier\") + \".html\"; (function(w, d) { if (w.location.hostname.toLowerCase() == \"tomcat.apache.org\") { var s = d.createElement(\"script\"); s.type = \"application/javascript\"; s.async = true; s.src = \"https://comments.apache.org/show_comments.lua?site=\" + encodeURIComponent(commentsShortname) + \"&page=\" + encodeURIComponent(commentsIdentifier); d.head.appendChild(s); } else { commentsDiv.appendChild(d.createTextNode(\"Comments are disabled for this page at the moment.\")); } })(window, document); }), false); })(); ", - "zap_reference": null, - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10027", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-opers.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/drawboard.xhtml", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-objects.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", - "method": "GET" - } - ] - }, - "id": "3d9212bf-54d8-4be4-8c47-18c7f006dee7" - }, - { - "name": "Cookie No HttpOnly Flag", - "description": "A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.", - "category": "Cookie No HttpOnly Flag", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Ensure that the HttpOnly flag is set for all cookies.", - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/www-community/HttpOnly", - "zap_cweid": "16", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10010", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "param": "ZAP", - "evidence": "Set-Cookie: ZAP" - } - ] - }, - "id": "7854eea8-b291-4273-ab3a-4ada6ba472f2" - }, - { - "name": "Information Disclosure - Suspicious Comments", - "description": "The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.", - "category": "Information Disclosure - Suspicious Comments", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.", - "zap_otherinfo": "The following comment/snippet was identified via the pattern: \\bADMINISTRATOR\\b String constants used within your application, which can be customized by the system administrator who is installing your application. The values actually assigned to these parameters can be retrieved in a servlet or JSP page by calling: String value = getServletContext().getInitParameter(\"name\"); where \"name\" matches the element of one of these initialization parameters. You can define any number of context initialization parameters, including zero. -->The following comment/snippet was identified via the pattern: \\bWHERE\\b your web application, including initialization parameters. With Tomcat, you can also send requests to servlets not listed here with a request like this: http://localhost:8080/{context-path}/servlet/{classname} but this usage is not guaranteed to be portable. It also makes relative references to images and other resources required by your servlet more complicated, so defining all of your servlets (and defining a mapping to them with a servlet-mapping element) is recommended. Servlet initialization parameters can be retrieved in a servlet or JSP page by calling: String value = getServletConfig().getInitParameter(\"name\"); where \"name\" matches the element of one of these initialization parameters. You can define any number of servlets, including zero. -->The following comment/snippet was identified via the pattern: \\bFROM\\b in minutes. From a servlet or JSP page, you can modify the timeout for a particular session dynamically by using HttpSession.getMaxInactiveInterval(). -->", - "zap_reference": null, - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10027", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/web.xml.txt", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/build.xml.txt", - "method": "GET" - } - ] - }, - "id": "dbf95dc8-8a08-43a6-86c7-e34e892410d4" - }, - { - "name": "Application Error Disclosure", - "description": "This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.", - "category": "Application Error Disclosure", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.", - "zap_otherinfo": null, - "zap_reference": null, - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "90022", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/err.jsp?name=bmw328i&submit=Submit", - "method": "GET", - "evidence": "HTTP/1.1 500 Internal Server Error" - } - ] - }, - "id": "bfe66cec-6da6-474c-933e-683c2c9fffbf" - }, - { - "name": "Information Disclosure - Debug Error Messages", - "description": "The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.", - "category": "Information Disclosure - Debug Error Messages", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Disable debugging messages before pushing to production.", - "zap_otherinfo": null, - "zap_reference": null, - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10023", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/changelog.html", - "method": "GET", - "evidence": "internal server error" - } - ] - }, - "id": "325de9a9-63f3-4ec1-a6aa-fd0e1eeae7c4" - } + { + "name": "Content Security Policy (CSP) Header Not Set", + "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page β€” covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", + "category": "Content Security Policy (CSP) Header Not Set", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "298", + "zap_solution": 'Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: "Content-Security-Policy" for Chrome 25+, Firefox 23+ and Safari 7+, "X-Content-Security-Policy" for Firefox 4.0+ and Internet Explorer 10+, and "X-WebKit-CSP" for Chrome 14+ and Safari 6+.', + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttp://www.w3.org/TR/CSP/http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlhttp://www.html5rocks.com/en/tutorials/security/content-security-policy/http://caniuse.com/#feat=contentsecuritypolicyhttp://content-security-policy.com/", + "zap_cweid": "16", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10038", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/valve.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/panel.jsp.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/loader.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/connectors.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/HelloWorldSimpleTag.java.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/apr.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/introduction.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/listeners.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", + "method": "POST", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestParamExample", + "method": "POST", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/textRotate.jspx.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/helloworld.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/security-howto.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/jasper-howto.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/config.jsp.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-interceptor.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/index.html", + "method": "GET", + }, + ], + }, + "id": "7e32d4f4-97e2-4d72-8aaf-cd3170096b85", + }, + { + "name": "X-Frame-Options Header Not Set", + "description": "X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.", + "category": "X-Frame-Options Header Not Set", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "280", + "zap_solution": "Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", + "zap_cweid": "16", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10020", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/mbean-names.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/faq.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/automatic-deployment.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/hello.jsp", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.jsp.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/index.xhtml", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/cluster-howto.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/simpletag/foo.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/Functions.java.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.jsp", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/interceptors.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-jndi-realm.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/dates/date.html", + "method": "GET", + "param": "X-Frame-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestHeaderExample", + "method": "GET", + "param": "X-Frame-Options", + }, + ], + }, + "id": "81e0f441-e995-415e-a2fb-3888029538d3", + }, + { + "name": 'Server Leaks Version Information via "Server" HTTP Response Header Field', + "description": 'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.', + "category": 'Server Leaks Version Information via "Server" HTTP Response Header Field', + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "3", + "zap_count": "337", + "zap_solution": 'Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.', + "zap_otherinfo": null, + "zap_reference": "http://httpd.apache.org/docs/current/mod/core.html#servertokenshttp://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspxhttp://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html", + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10036", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal2.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/index.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/book.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-comparisons.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/http.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/developers.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/maven-jars.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/service.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/mbeans-descriptors-howto.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/chat.xhtml", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/catalina/Host.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/foreach.jsp", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-objects.html", + "method": "GET", + "evidence": "Apache-Coyote/1.1", + }, + ], + }, + "id": "bbd6f2df-c5b0-4f0e-aeed-11936f32b826", + }, + { + "name": "Timestamp Disclosure - Unix", + "description": "A timestamp was disclosed by the application/web server - Unix", + "category": "Timestamp Disclosure - Unix", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "1", + "zap_count": "51", + "zap_solution": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", + "zap_otherinfo": "0000000039, which evaluates to: 1970-01-01 00:00:39", + "zap_reference": "http://projects.webappsec.org/w/page/13246936/Information%20Leakage", + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "0", + "zap_pluginid": "10096", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000000039", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000000008", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000014963", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000018373", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", + "method": "GET", + "evidence": "20100101", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000000018", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000005503", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000000026", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000015294", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000016347", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000002280", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000043589", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000015448", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000007734", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000010013", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/manager-howto.html", + "method": "GET", + "evidence": "46800300", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000005214", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000043442", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000005368", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", + "method": "GET", + "evidence": "0000000301", + }, + ], + }, + "id": "322a8f55-aac1-4e2b-8ef5-1da7c9f89497", + }, + { + "name": "Reverse Tabnabbing", + "description": 'At least one link on this page is vulnerable to Reverse tabnabbing as it uses a target attribute without using both of the "noopener" and "noreferrer" keywords in the "rel" attribute, which allows the target page to take control of this page.', + "category": "Reverse Tabnabbing", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "102", + "zap_solution": 'Do not use a target attribute, or if you have to then also add the attribute: rel="noopener noreferrer".', + "zap_otherinfo": null, + "zap_reference": "https://owasp.org/www-community/attacks/Reverse_Tabnabbinghttps://dev.to/ben/the-targetblank-vulnerability-by-examplehttps://mathiasbynens.github.io/rel-noopener/https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerability-ever-96e328301f4c", + "zap_cweid": null, + "zap_wascid": null, + "zap_riskcode": "2", + "zap_pluginid": "10108", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/virtual-hosting-howto.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-valve.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/windows-service-howto.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-manager.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/apr.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/connectors.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/security-howto.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-channel.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/jasper-howto.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/transport.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/status.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/processes.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/realm.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/index.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/building.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/introduction.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/systemprops.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/membership.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-deployer.html", + "method": "GET", + "evidence": 'The Apache Software Foundation', + }, + ], + }, + "id": "3c92d43d-c321-47bc-a75d-8823cb69a4b9", + }, + { + "name": "X-Content-Type-Options Header Missing", + "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", + "category": "X-Content-Type-Options Header Missing", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "316", + "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "zap_otherinfo": 'This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At "High" threshold this scanner will not alert on client or server error responses.', + "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspxhttps://owasp.org/www-community/Security_Headers", + "zap_cweid": "16", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10021", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/automatic-deployment.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/mbean-names.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/tomcat.png", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/images/asf-feather.png", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/introduction.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/faq.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/servletapi/index.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/dynamicattrs.jsp.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/building.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.jsp.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/code.gif", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-receiver.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/deployer-howto.html", + "method": "GET", + "param": "X-Content-Type-Options", + }, + ], + }, + "id": "8843596f-ab70-4385-ad6d-604677c9014f", + }, + { + "name": "Absence of Anti-CSRF Tokens", + "description": "No Anti-CSRF tokens were found in a HTML submission form.A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site.CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.", + "category": "Absence of Anti-CSRF Tokens", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "29", + "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", + "zap_otherinfo": 'No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret] was found in the following HTML form: [Form 1: "guess" ].', + "zap_reference": "http://projects.webappsec.org/Cross-Site-Request-Forgeryhttp://cwe.mitre.org/data/definitions/352.html", + "zap_cweid": "352", + "zap_wascid": "9", + "zap_riskcode": "1", + "zap_pluginid": "10202", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample?dataname=foo&datavalue=bar", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal1.jsp?action=Submit&email=ZAP&name=ZAP", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", + "method": "POST", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample?dataname=ZAP&datavalue=ZAP", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/check.html", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/error.html", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=add", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestParamExample", + "method": "POST", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp?foo=JSP+2.0", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/nonblocking/bytecounter.html", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", + "method": "GET", + "evidence": '', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/login.html", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp?guess=ZAP", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=remove", + "method": "GET", + "evidence": "", + }, + ], + }, + "id": "7e0751eb-ae31-4686-b0b5-53df0e00ea4b", + }, + { + "name": "User Controllable HTML Element Attribute (Potential XSS)", + "description": "This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.", + "category": "User Controllable HTML Element Attribute (Potential XSS)", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "1", + "zap_count": "7", + "zap_solution": "Validate all input and sanitize output it before writing to any HTML attributes.", + "zap_otherinfo": "User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Hint&color1=ZAP&color2=ZAPappears to include user input in: a(n) [input] tag [value] attribute The user input found was:action=HintThe user-controlled value was:hint", + "zap_reference": "http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute", + "zap_cweid": "20", + "zap_wascid": "20", + "zap_riskcode": "0", + "zap_pluginid": "10031", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Hint&color1=ZAP&color2=ZAP", + "method": "GET", + "param": "action", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Submit&color1=ZAP&color2=ZAP", + "method": "GET", + "param": "action", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp?foo=JSP+2.0", + "method": "GET", + "param": "foo", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", + "method": "GET", + "param": "foo", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=remove", + "method": "GET", + "param": "submit", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Submit&color1=ZAP&color2=ZAP", + "method": "GET", + "param": "action", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=add", + "method": "GET", + "param": "submit", + }, + ], + }, + "id": "1139b86b-5eb2-4ef9-b5f3-24beeedafbf2", + }, + { + "name": "Private IP Disclosure", + "description": "A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.", + "category": "Private IP Disclosure", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "4", + "zap_solution": "Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.", + "zap_otherinfo": "10.1.20.26", + "zap_reference": "https://tools.ietf.org/html/rfc1918", + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "2", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestInfoExample", + "method": "GET", + "evidence": "10.1.20.26", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", + "method": "GET", + "evidence": "10.1.20.26", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", + "method": "GET", + "evidence": "192.168.0.10", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/monitoring.html", + "method": "GET", + "evidence": "192.168.1.75", + }, + ], + }, + "id": "32b8e793-7258-4e6b-bc60-f13ab05dc489", + }, + { + "name": "Application Error Disclosure", + "description": "This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.", + "category": "Application Error Disclosure", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "5", + "zap_solution": "Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.", + "zap_otherinfo": null, + "zap_reference": null, + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "2", + "zap_pluginid": "90022", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-resources-howto.html", + "method": "GET", + "evidence": "JDBC Driver", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/manager-howto.html", + "method": "GET", + "evidence": "java.lang.NumberFormatException: For input string:", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-datasource-examples-howto.html", + "method": "GET", + "evidence": "JDBC Driver", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/listeners.html", + "method": "GET", + "evidence": "JDBC Driver", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/valve.html", + "method": "GET", + "evidence": "Error Report", + }, + ], + }, + "id": "13184616-ff12-4785-8c31-1c9d9d11942a", + }, + { + "name": "Modern Web Application", + "description": "The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.", + "category": "Modern Web Application", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "4", + "zap_solution": "This is an informational alert and so no changes are required.", + "zap_otherinfo": "No links have been found while there are scripts, which is an indication that this is a modern web application.", + "zap_reference": null, + "zap_cweid": null, + "zap_wascid": null, + "zap_riskcode": "0", + "zap_pluginid": "10109", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/drawboard.xhtml", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/snake.xhtml", + "method": "GET", + "evidence": "", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/chat.xhtml", + "method": "GET", + "evidence": "", + }, + ], + }, + "id": "d6dc3899-b3fc-46cd-b544-590badef18fc", + }, + { + "name": "Weak Authentication Method", + "description": "HTTP basic or digest authentication has been used over an unsecured connection. The credentials can be read and then reused by someone with access to the network.", + "category": "Weak Authentication Method", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "3", + "zap_solution": "Protect the connection using HTTPS or use a stronger authentication mechanism", + "zap_otherinfo": null, + "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html", + "zap_cweid": "326", + "zap_wascid": "4", + "zap_riskcode": "2", + "zap_pluginid": "10105", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/manager/html", + "method": "GET", + "evidence": 'WWW-Authenticate: Basic realm="Tomcat Manager Application"', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/manager/status", + "method": "GET", + "evidence": 'WWW-Authenticate: Basic realm="Tomcat Manager Application"', + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/host-manager/html", + "method": "GET", + "evidence": 'WWW-Authenticate: Basic realm="Tomcat Host Manager Application"', + }, + ], + }, + "id": "ed7e142a-ea90-4cff-9bfa-214eb99fdf91", + }, + { + "name": "Content-Type Header Missing", + "description": "The Content-Type header was either missing or empty.", + "category": "Content-Type Header Missing", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "2", + "zap_solution": "Ensure each page is setting the specific and appropriate content-type value for the content being delivered.", + "zap_otherinfo": null, + "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx", + "zap_cweid": "345", + "zap_wascid": "12", + "zap_riskcode": "0", + "zap_pluginid": "10019", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/sample/sample.war", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/async/async2", + "method": "GET", + }, + ], + }, + "id": "e56b88b8-68cd-4b11-b826-208126850a87", + }, + { + "name": "Cookie Without SameSite Attribute", + "description": "A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.", + "category": "Cookie Without SameSite Attribute", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "4", + "zap_solution": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", + "zap_otherinfo": null, + "zap_reference": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site", + "zap_cweid": "16", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10054", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", + "method": "GET", + "param": "JSESSIONID", + "evidence": "Set-Cookie: JSESSIONID", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp", + "method": "GET", + "param": "JSESSIONID", + "evidence": "Set-Cookie: JSESSIONID", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-comparisons.jsp", + "method": "GET", + "param": "JSESSIONID", + "evidence": "Set-Cookie: JSESSIONID", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", + "method": "POST", + "param": "ZAP", + "evidence": "Set-Cookie: ZAP", + }, + ], + }, + "id": "fcbdde04-17da-482c-9c68-e9a3b8cdf1fb", + }, + { + "name": "Cookie Poisoning", + "description": "This check looks at user-supplied input in query string parameters and POST data to identify where cookie parameters might be controlled. This is called a cookie poisoning attack, and becomes exploitable when an attacker can manipulate the cookie in various ways. In some cases this will not be exploitable, however, allowing URL parameters to set cookie values is generally considered a bug.", + "category": "Cookie Poisoning", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "1", + "zap_count": "2", + "zap_solution": "Do not allow user input to control cookie names and values. If some query string parameters must be set in cookie values, be sure to filter out semicolon's that can serve as name/value pair delimiters.", + "zap_otherinfo": "An attacker may be able to poison cookie values through POST parameters. To test if this is a more serious issue, you should try resending that request as a GET, with the POST parameter included as a query string parameter. For example: http://nottrusted.com/page?value=maliciousInput.This was identified at:http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExampleUser-input was found in the following cookie:ZAP=ZAP; Path=/examples/The user input was:cookievalue=ZAP", + "zap_reference": "http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-cookie", + "zap_cweid": "20", + "zap_wascid": "20", + "zap_riskcode": "0", + "zap_pluginid": "10029", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", + "method": "POST", + "param": "cookievalue", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", + "method": "POST", + "param": "cookiename", + }, + ], + }, + "id": "f548884e-276e-4631-a32d-1ee3a803e031", + }, + { + "name": "Information Disclosure - Suspicious Comments", + "description": "The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.", + "category": "Information Disclosure - Suspicious Comments", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "1", + "zap_count": "5", + "zap_solution": "Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.", + "zap_otherinfo": "The following comment/snippet was identified via the pattern: \\bADMIN\\b \"use strict\"; // Enable strict mode (function() { var thisScript = document.currentScript; if (!thisScript) { // Workaround for IE var scripts = document.getElementsByTagName(\"script\"); thisScript = scripts[scripts.length - 1]; } document.addEventListener(\"DOMContentLoaded\", (function() { var commentsDiv = document.getElementById(\"comments_thread\"); var commentsShortname = \"tomcat\"; var commentsIdentifier = \"http://tomcat.apache.org/\" + thisScript.getAttribute(\"data-comments-identifier\") + \".html\"; (function(w, d) { if (w.location.hostname.toLowerCase() == \"tomcat.apache.org\") { var s = d.createElement(\"script\"); s.type = \"application/javascript\"; s.async = true; s.src = \"https://comments.apache.org/show_comments.lua?site=\" + encodeURIComponent(commentsShortname) + \"&page=\" + encodeURIComponent(commentsIdentifier); d.head.appendChild(s); } else { commentsDiv.appendChild(d.createTextNode(\"Comments are disabled for this page at the moment.\")); } })(window, document); }), false); })(); ", + "zap_reference": null, + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "0", + "zap_pluginid": "10027", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-opers.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/drawboard.xhtml", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-objects.html", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/echo.xhtml", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", + "method": "GET", + }, + ], + }, + "id": "3d9212bf-54d8-4be4-8c47-18c7f006dee7", + }, + { + "name": "Cookie No HttpOnly Flag", + "description": "A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.", + "category": "Cookie No HttpOnly Flag", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "1", + "zap_solution": "Ensure that the HttpOnly flag is set for all cookies.", + "zap_otherinfo": null, + "zap_reference": "https://owasp.org/www-community/HttpOnly", + "zap_cweid": "16", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10010", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", + "method": "POST", + "param": "ZAP", + "evidence": "Set-Cookie: ZAP", + }, + ], + }, + "id": "7854eea8-b291-4273-ab3a-4ada6ba472f2", + }, + { + "name": "Information Disclosure - Suspicious Comments", + "description": "The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.", + "category": "Information Disclosure - Suspicious Comments", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "INFORMATIONAL", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "2", + "zap_solution": "Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.", + "zap_otherinfo": "The following comment/snippet was identified via the pattern: \\bADMINISTRATOR\\b String constants used within your application, which can be customized by the system administrator who is installing your application. The values actually assigned to these parameters can be retrieved in a servlet or JSP page by calling: String value = getServletContext().getInitParameter(\"name\"); where \"name\" matches the element of one of these initialization parameters. You can define any number of context initialization parameters, including zero. -->The following comment/snippet was identified via the pattern: \\bWHERE\\b your web application, including initialization parameters. With Tomcat, you can also send requests to servlets not listed here with a request like this: http://localhost:8080/{context-path}/servlet/{classname} but this usage is not guaranteed to be portable. It also makes relative references to images and other resources required by your servlet more complicated, so defining all of your servlets (and defining a mapping to them with a servlet-mapping element) is recommended. Servlet initialization parameters can be retrieved in a servlet or JSP page by calling: String value = getServletConfig().getInitParameter(\"name\"); where \"name\" matches the element of one of these initialization parameters. You can define any number of servlets, including zero. -->The following comment/snippet was identified via the pattern: \\bFROM\\b in minutes. From a servlet or JSP page, you can modify the timeout for a particular session dynamically by using HttpSession.getMaxInactiveInterval(). -->", + "zap_reference": null, + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "0", + "zap_pluginid": "10027", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/web.xml.txt", + "method": "GET", + }, + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/build.xml.txt", + "method": "GET", + }, + ], + }, + "id": "dbf95dc8-8a08-43a6-86c7-e34e892410d4", + }, + { + "name": "Application Error Disclosure", + "description": "This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.", + "category": "Application Error Disclosure", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "1", + "zap_solution": "Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.", + "zap_otherinfo": null, + "zap_reference": null, + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "90022", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/err.jsp?name=bmw328i&submit=Submit", + "method": "GET", + "evidence": "HTTP/1.1 500 Internal Server Error", + }, + ], + }, + "id": "bfe66cec-6da6-474c-933e-683c2c9fffbf", + }, + { + "name": "Information Disclosure - Debug Error Messages", + "description": "The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.", + "category": "Information Disclosure - Debug Error Messages", + "location": "http://bodgeit.demo-targets.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "attributes": + { + "host": "bodgeit.demo-targets.svc", + "zap_confidence": "2", + "zap_count": "1", + "zap_solution": "Disable debugging messages before pushing to production.", + "zap_otherinfo": null, + "zap_reference": null, + "zap_cweid": "200", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10023", + "zap_finding_urls": + [ + { + "uri": "http://bodgeit.demo-targets.svc:8080/docs/changelog.html", + "method": "GET", + "evidence": "internal server error", + }, + ], + }, + "id": "325de9a9-63f3-4ec1-a6aa-fd0e1eeae7c4", + }, ] diff --git a/scanners/zap/examples/demo-bodgeit-full-scan/findings.yaml b/scanners/zap/examples/demo-bodgeit-full-scan/findings.yaml index cbb4ff2907..4bd29e86b9 100644 --- a/scanners/zap/examples/demo-bodgeit-full-scan/findings.yaml +++ b/scanners/zap/examples/demo-bodgeit-full-scan/findings.yaml @@ -3,2956 +3,3036 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "HTTP Only Site", - "description": "The site is only served under HTTP and not HTTPS.", - "category": "HTTP Only Site", - "location": "https://bodgeit.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Configure your web or application server to use SSL (https).", - "zap_otherinfo": "Failed to connect.ZAP attempted to connect via: https://bodgeit.demo-targets.svc:443", - "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.htmlhttps://letsencrypt.org/", - "zap_cweid": "311", - "zap_wascid": "4", - "zap_riskcode": "2", - "zap_pluginid": "10106", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080", - "method": "GET" - } - ] - }, - "id": "f8f1514f-17ea-4227-9d7f-9c46f35ff798" - }, - { - "name": "Insecure HTTP Method - PUT", - "description": "This method was originally intended for file managemant operations. It is now most commonly used in REST services, PUT is most-often utilized for **update** capabilities, PUT-ing to a known resource URI with the request body containing the newly-updated representation of the original resource..", - "category": "Insecure HTTP Method - PUT", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "323", - "zap_solution": "TBA", - "zap_otherinfo": "See the discussion on stackexchange: https://security.stackexchange.com/questions/21413/how-to-exploit-http-methods, for understanding REST operations see http://www.restapitutorial.com/lessons/httpmethods.html", - "zap_reference": "http://projects.webappsec.org/Fingerprinting", - "zap_cweid": "200", - "zap_wascid": "45", - "zap_riskcode": "2", - "zap_pluginid": "90028", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/EchoAttributesTag.java.html/s8uclk08bz", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.html/tzuj5ogtbx", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/forward/fwd.html/3t6zfqtnqe", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/x351y6uhoj", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/catalina/manager/psvhs1vz88", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html/dd6wfwbmkl", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/ServletToJsp.java.html/3vdg6c89rv", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/ktyhhbonqd", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/calendar.html/7rx7ih6pz8", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/composite.jsp.html/2sw49hyduf", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-jndi-realm.html/oz35t93hex", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-interceptor.html/7b3iipmfhp", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/panel.html/o7g7pdpkkz", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/catalina/tribes/package-summary.html/q94lxax2bm", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jspapi/tu7ozpyxxx", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/helloWorld.tag.html/wch3hc25o5", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.html/fzjtgyhfrt", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/aio.html/737jz15t5z", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/transport.html/tme98v7qo3", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/web.xml.txt/3feawr1mrb", - "method": "PUT", - "evidence": "response code 403 for potentially insecure HTTP METHOD" - } - ] - }, - "id": "36058f3d-b8e3-4a79-9672-63a8fca166cc" - }, - { - "name": "User Agent Fuzzer", - "description": "Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.", - "category": "User Agent Fuzzer", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "455", - "zap_solution": null, - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/wstg", - "zap_cweid": null, - "zap_wascid": null, - "zap_riskcode": "0", - "zap_pluginid": "10104", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/chat", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/host-manager", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/servletapi", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/requestProcess", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestHeaderExample", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/elapi", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/sample", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.jsp", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/websocketapi", - "method": "GET", - "param": "Header User-Agent", - "attack": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute", - "method": "GET", - "param": "Header User-Agent", - "attack": "msnbot/1.1 (+http://search.msn.com/msnbot.htm)" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/host-manager", - "method": "GET", - "param": "Header User-Agent", - "attack": "msnbot/1.1 (+http://search.msn.com/msnbot.htm)" - } - ] - }, - "id": "a011c334-3762-45ef-ad72-16e58bf826e4" - }, - { - "name": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "description": "The web/application server is leaking version information via the \"Server\" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.", - "category": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "3", - "zap_count": "337", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to suppress the \"Server\" header or provide generic details.", - "zap_otherinfo": null, - "zap_reference": "http://httpd.apache.org/docs/current/mod/core.html#servertokenshttp://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspxhttp://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10036", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/index.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/ServletToJsp.java.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-default.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/FindBookSimpleTag.java.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/basic.jspx", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/if.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/login.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/repeat.jsp", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-resources-howto.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/status.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample;jsessionid=6E125575EE927DEA79BD6D83AF048EC5?dataname=foo&datavalue=bar", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/checkresult.jsp?fruit=apples&submit=Submit", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/cookies.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/plugin/plugin.jsp", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/monitoring.html", - "method": "GET", - "evidence": "Apache-Coyote/1.1" - } - ] - }, - "id": "b0ce669e-58c4-498a-a276-8d3a13c148d6" - }, - { - "name": "X-Frame-Options Header Not Set", - "description": "X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.", - "category": "X-Frame-Options Header Not Set", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "280", - "zap_solution": "Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10020", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/automatic-deployment.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/hello.jsp", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/cluster-howto.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/interceptors.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/installation.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/ValuesBean.java.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/context.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/checkresult.jsp.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-receiver.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/index.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/simpletag/foo.jsp.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/book.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/realm-howto.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/ssi-howto.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/index.html", - "method": "GET", - "param": "X-Frame-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/introduction.html", - "method": "GET", - "param": "X-Frame-Options" - } - ] - }, - "id": "392b9b9b-01f7-4cb5-85f2-3b539e25a4c4" - }, - { - "name": "Feature Policy Header Not Set", - "description": "Feature Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Feature Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.", - "category": "Feature Policy Header Not Set", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "298", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Feature-Policy header.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policyhttps://developers.google.com/web/updates/2018/06/feature-policyhttps://scotthelme.co.uk/a-new-security-header-feature-policy/https://w3c.github.io/webappsec-feature-policy/https://www.smashingmagazine.com/2018/12/feature-policy/", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10063", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/dates/date.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/index.xhtml", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jspapi/index.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/index.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/plugin/plugin.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/comments.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/resources.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/err.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample;jsessionid=6E125575EE927DEA79BD6D83AF048EC5?dataname=foo&datavalue=bar", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/foreach.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/Functions.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/deployer-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/FindBookSimpleTag.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/shuffle.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/jar-scanner.html", - "method": "GET" - } - ] - }, - "id": "faf1dc34-65c0-4771-b2cd-2c92b181d263" - }, - { - "name": "Cookie Slack Detector", - "description": "Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.", - "category": "Cookie Slack Detector", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "186", - "zap_solution": null, - "zap_otherinfo": "NOTE: Because of its name this cookie may be important, but dropping it appears to have no effect: [JSESSIONID] Cookies that don't have expected effects can reveal flaws in application logic. In the worst case, this can reveal where authentication via cookie token(s) is not actually enforced.These cookies affected the response: These cookies did NOT affect the response: JSESSIONID", - "zap_reference": "http://projects.webappsec.org/Fingerprinting", - "zap_cweid": "200", - "zap_wascid": "45", - "zap_riskcode": "1", - "zap_pluginid": "90027", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/images/execute.gif", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/ServletToJsp.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/er.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.jsp?item=X-files+movie&submit=remove", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/chat", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/checkresult.jsp?fruit=apples&submit=Submit", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/FindBookSimpleTag.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/Functions.java.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/clr.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/return.gif", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/if.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/read.gif", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/composite.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/execute.gif", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/panel.html", - "method": "GET" - } - ] - }, - "id": "19fef1b7-287a-47a9-a4e0-f2e65f7fa8d0" - }, - { - "name": "Storable and Cacheable Content", - "description": "The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where \"shared\" caching servers such as \"proxy\" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.", - "category": "Storable and Cacheable Content", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "329", - "zap_solution": "Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:Cache-Control: no-cache, no-store, must-revalidate, privatePragma: no-cacheExpires: 0This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request. ", - "zap_otherinfo": "In the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.", - "zap_reference": "https://tools.ietf.org/html/rfc7234https://tools.ietf.org/html/rfc7231http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)", - "zap_cweid": "524", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10049", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jsptoservlet.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/sessionidgenerator.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/jspattribute.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/composite.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-memory-realm.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal1.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/catalina/Server.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jdbc-pool.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/reqparams.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/images/update.gif", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/api/org/apache/juli/package-summary.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/include/include.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspattribute/jspattribute.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/apr.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/textRotate.jspx.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/service.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/notes.html", - "method": "GET" - } - ] - }, - "id": "faa83cbc-a2ae-402b-9afa-3bfdcfa09c09" - }, - { - "name": "Timestamp Disclosure - Unix", - "description": "A timestamp was disclosed by the application/web server - Unix", - "category": "Timestamp Disclosure - Unix", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "1", - "zap_count": "51", - "zap_solution": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", - "zap_otherinfo": "0000000008, which evaluates to: 1970-01-01 00:00:08", - "zap_reference": "http://projects.webappsec.org/w/page/13246936/Information%20Leakage", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10096", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000008" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000018373" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000040687" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000001995" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000017" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/book.jsp", - "method": "GET", - "evidence": "0618002251" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000027" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000011633" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000002146" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000039" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000014963" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000005503" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000016347" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000011768" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000015583" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/images/update.gif", - "method": "GET", - "evidence": "0123456789" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestHeaderExample", - "method": "GET", - "evidence": "20100101" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000000022" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/startup/serverStartup.pdf", - "method": "GET", - "evidence": "0000014864" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/snp/snoop.jsp", - "method": "GET", - "evidence": "20100101" - } - ] - }, - "id": "749c304b-7d5f-4944-96f6-192bb0a45532" - }, - { - "name": "X-Content-Type-Options Header Missing", - "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", - "category": "X-Content-Type-Options Header Missing", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "316", - "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scanner will not alert on client or server error responses.", - "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspxhttps://owasp.org/www-community/Security_Headers", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10021", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/jts.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/rewrite.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-apps.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/images/code.gif", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/deployer-howto.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/foreach.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/favicon.ico", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestHeaderExample", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/plugin/plugin.jsp", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/websocket/index.xhtml", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/comments.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/tagplugin/choose.jsp", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample;jsessionid=6E125575EE927DEA79BD6D83AF048EC5?dataname=foo&datavalue=bar", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/textRotate.jspx", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/textRotate.jspx.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/err.jsp.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/resources.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/class-loader-howto.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/FindBookSimpleTag.java.html", - "method": "GET", - "param": "X-Content-Type-Options" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/jar-scanner.html", - "method": "GET", - "param": "X-Content-Type-Options" - } - ] - }, - "id": "9504f6ac-635c-41a6-b4d4-32d69cdf6020" - }, - { - "name": "Base64 Disclosure", - "description": "Base64 encoded data was disclosed by the application/web server. Note: in the interests of performance not all base64 strings in the response were analyzed individually, the entire response should be looked at by the analyst/security team/developer(s).", - "category": "Base64 Disclosure", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "25", - "zap_solution": "Manually confirm that the Base64 data does not leak sensitive information, and that the data cannot be aggregated/used to exploit other vulnerabilities.", - "zap_otherinfo": "οΏ½οΏ½?iοΏ½.οΏ½οΏ½οΏ½kοΏ½(οΏ½kοΏ½οΏ½ά©οΏ½οΏ½\\x001e��ߊvοΏ½οΏ½;+ߍ?οΏ½w^", - "zap_reference": "http://projects.webappsec.org/w/page/13246936/Information%20Leakage", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10094", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/index.html", - "method": "GET", - "evidence": "org/aboutJava/communityprocess/final/jsr340/index" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/windows-auth-howto.html", - "method": "GET", - "evidence": "com/javase/7/docs/technotes/guides/security/jgss/tutorials/Troubleshooting" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/http.html", - "method": "GET", - "evidence": "com/javase/7/docs/api/java/net/Socket" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/book.jsp.html", - "method": "GET", - "evidence": "/WEB-INF/jsp2/jsp2-example-taglib" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jndi-datasource-examples-howto.html", - "method": "GET", - "evidence": "Oracle_8i_with_OCI_client/Introduction" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cookie-processor.html", - "method": "GET", - "evidence": "RFC_6265_Cookie_Processor_-_org" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/cluster-howto.html", - "method": "GET", - "evidence": "0-doc/api/org/apache/catalina/tribes/Channel" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/ajp.html", - "method": "GET", - "evidence": "com/javase/6/docs/api/java/net/Socket" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jdbc-pool.html", - "method": "GET", - "evidence": "com/javase/6/docs/api/javax/sql/DataSource" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/requestProcess.html", - "method": "GET", - "evidence": "0-doc/architecture/requestProcess" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/", - "method": "GET", - "evidence": "org/aboutJava/communityprocess/final/jsr340/index" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/realm-howto.html", - "method": "GET", - "evidence": "com/javase/7/docs/technotes/guides/security/jaas/tutorials/GeneralAcnOnly" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/manager-howto.html", - "method": "GET", - "evidence": "8080/manager/text/sslConnectorCiphers" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.jsp.html", - "method": "GET", - "evidence": "/WEB-INF/jsp2/jsp2-example-taglib" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/jspx/basic.jspx", - "method": "GET", - "evidence": "org/TR/xhtml-basic/xhtml-basic10" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-sender.html", - "method": "GET", - "evidence": "com/javase/7/docs/api/java/net/Socket" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", - "method": "GET", - "evidence": "org/Protocols/rfc2616/rfc2616-sec14" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-interceptor.html", - "method": "GET", - "evidence": "MessageDispatch15Interceptor_Attributes" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/appdev/introduction.html", - "method": "GET", - "evidence": "org/aboutJava/communityprocess/mrel/jsr245/index2" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-default.html", - "method": "GET", - "evidence": "org/aboutJava/communityprocess/final/jsr340/index" - } - ] - }, - "id": "22c9f213-8db6-4651-a9c7-486c60ef2224" - }, - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page β€” covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "298", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: \"Content-Security-Policy\" for Chrome 25+, Firefox 23+ and Safari 7+, \"X-Content-Security-Policy\" for Firefox 4.0+ and Internet Explorer 10+, and \"X-WebKit-CSP\" for Chrome 14+ and Safari 6+.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttp://www.w3.org/TR/CSP/http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlhttp://www.html5rocks.com/en/tutorials/security/content-security-policy/http://caniuse.com/#feat=contentsecuritypolicyhttp://content-security-policy.com/", - "zap_cweid": "16", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/connectors.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/listeners.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/helloworld.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/plugin/plugin.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/virtual-hosting-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/tagfiles/products.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/simpletag/hello.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/websocketapi/index.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/windows-auth-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/dates/date.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/misc/dynamicattrs.jsp.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/xml/xml.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/architecture/index.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/elapi/index.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/composite.jsp", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/introduction.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/check.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/windows-service-howto.html", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080", - "method": "GET" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/server.html", - "method": "GET" - } - ] - }, - "id": "baf81020-3f58-4e18-beed-2c8f96b9efe0" - }, - { - "name": "Reverse Tabnabbing", - "description": "At least one link on this page is vulnerable to Reverse tabnabbing as it uses a target attribute without using both of the \"noopener\" and \"noreferrer\" keywords in the \"rel\" attribute, which allows the target page to take control of this page.", - "category": "Reverse Tabnabbing", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "102", - "zap_solution": "Do not use a target attribute, or if you have to then also add the attribute: rel=\"noopener noreferrer\".", - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/www-community/attacks/Reverse_Tabnabbinghttps://dev.to/ben/the-targetblank-vulnerability-by-examplehttps://mathiasbynens.github.io/rel-noopener/https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerability-ever-96e328301f4c", - "zap_cweid": null, - "zap_wascid": null, - "zap_riskcode": "2", - "zap_pluginid": "10108", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-valve.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/jasper-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/transport.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/introduction.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/membership.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/credentialhandler.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/cgi-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/filter.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/ssi-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/developers.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/realm-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/http.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/index.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/funcspecs/fs-admin-objects.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/cluster-howto.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/changelog.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster-receiver.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/setup.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/config/cluster.html", - "method": "GET", - "evidence": "\"The" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/tribes/interceptors.html", - "method": "GET", - "evidence": "\"The" - } - ] - }, - "id": "dd0fbfe5-2fad-4293-8ee5-5ee88ccb290a" - }, - { - "name": "Source Code Disclosure - Servlet", - "description": "Application Source Code was disclosed by the web server - Servlet", - "category": "Source Code Disclosure - Servlet", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Ensure that application Source Code is not available with alternative extensions, and ensure that source code is not present within other files or data deployed to the web server, or served by the web server. ", - "zap_otherinfo": "public class ChatServlet extends HttpServlet", - "zap_reference": "http://blogs.wsj.com/cio/2013/10/08/adobe-source-code-leak-is-bad-news-for-u-s-government/", - "zap_cweid": "540", - "zap_wascid": "13", - "zap_riskcode": "2", - "zap_pluginid": "10099", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/aio.html", - "method": "GET", - "evidence": "public class ChatServlet\n extends HttpServlet" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsptoserv/ServletToJsp.java.html", - "method": "GET", - "evidence": "import javax.servlet.http.HttpServlet;" - } - ] - }, - "id": "f409b8b4-4f6d-4abd-b57d-36286e39728a" - }, - { - "name": "Non-Storable Content", - "description": "The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.", - "category": "Non-Storable Content", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "INFORMATIONAL", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "8", - "zap_solution": "The content may be marked as storable by ensuring that the following conditions are satisfied:The request method must be understood by the cache and defined as being cacheable (\"GET\", \"HEAD\", and \"POST\" are currently defined as cacheable)The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood)The \"no-store\" cache directive must not appear in the request or response header fieldsFor caching by \"shared\" caches such as \"proxy\" caches, the \"private\" response directive must not appear in the responseFor caching by \"shared\" caches such as \"proxy\" caches, the \"Authorization\" header field must not appear in the request, unless the response explicitly allows it (using one of the \"must-revalidate\", \"public\", or \"s-maxage\" Cache-Control response directives)In addition to the conditions above, at least one of the following conditions must also be satisfied by the response:It must contain an \"Expires\" header fieldIt must contain a \"max-age\" response directiveFor \"shared\" caches such as \"proxy\" caches, it must contain a \"s-maxage\" response directiveIt must contain a \"Cache Control Extension\" that allows it to be cachedIt must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501). ", - "zap_otherinfo": null, - "zap_reference": "https://tools.ietf.org/html/rfc7234https://tools.ietf.org/html/rfc7231http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)", - "zap_cweid": "524", - "zap_wascid": "13", - "zap_riskcode": "0", - "zap_pluginid": "10049", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets", - "method": "GET", - "evidence": "302" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/host-manager/html", - "method": "GET", - "evidence": "private" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", - "method": "GET", - "evidence": "private" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/manager/html", - "method": "GET", - "evidence": "private" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/chat/", - "method": "GET", - "evidence": "302" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/manager/status", - "method": "GET", - "evidence": "private" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/err.jsp?name=ZAP&submit=Submit", - "method": "GET", - "evidence": "500" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp", - "method": "GET", - "evidence": "302" - } - ] - }, - "id": "ec6ab4d9-0ba6-4638-a17d-3d61c1f4b64c" - }, - { - "name": "Anti CSRF Tokens Scanner", - "description": "A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site.CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.", - "category": "Anti CSRF Tokens Scanner", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "HIGH", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "26", - "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", - "zap_otherinfo": null, - "zap_reference": "http://projects.webappsec.org/Cross-Site-Request-Forgeryhttp://cwe.mitre.org/data/definitions/352.html", - "zap_cweid": "352", - "zap_wascid": "9", - "zap_riskcode": "3", - "zap_pluginid": "20012", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colors.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/checkbox/check.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected/index.jsp", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/colors/colrs.jsp?action=Hint&color1=ZAP&color2=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/error/error.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/cal1.jsp?action=Submit&email=foo-bar%40example.com&name=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/security/protected", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample;jsessionid=6E125575EE927DEA79BD6D83AF048EC5?dataname=ZAP&datavalue=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample;jsessionid=6E125575EE927DEA79BD6D83AF048EC5", - "method": "POST", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/CookieExample", - "method": "POST", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/cal/login.html", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp?guess=ZAP", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/num/numguess.jsp", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/RequestParamExample", - "method": "POST", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/jsp2/el/functions.jsp?foo=JSP+2.0", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/chat/login.jsp", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/servlets/servlet/SessionExample", - "method": "GET", - "evidence": "" - }, - { - "uri": "http://bodgeit.demo-targets.svc:8080/examples/jsp/sessions/carts.html", - "method": "GET", - "evidence": "" - } - ] - }, - "id": "b3371d31-4f1d-48e0-a36f-0b1eca61ccda" - }, - { - "name": "Source Code Disclosure - ActiveVFP", - "description": "Application Source Code was disclosed by the web server - ActiveVFP", - "category": "Source Code Disclosure - ActiveVFP", - "location": "http://bodgeit.demo-targets.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "bodgeit.demo-targets.svc", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Ensure that application Source Code is not available with alternative extensions, and ensure that source code is not present within other files or data deployed to the web server, or served by the web server. ", - "zap_otherinfo": "if (!thisScript) { // Workaround for IE var scripts = document.getElementsByTagName(\"script\"); thisScript = scripts[scripts.length - 1]; } document.addEventListener(\"DOMContentLoaded\", (function() { var commentsDiv = document.getElementById(\"comments_thread\"); var commentsShortname = \"tomcat\"; var commentsIdentifier = \"http://tomcat.apache.org/\" + thisScript.getAttribute(\"data-comments-identifier\") + \".html\"; (function(w, d) { if (w.location.hostname.toLowerCase() == \"tomcat.apache.org\") { var s = d.createElement(\"script\"); s.type = \"application/javascript\"; s.async = true; s.src = \"https://comments.apache.org/show_comments.lua?site=\" + encodeURIComponent(commentsShortname) + \"&page=\" + encodeURIComponent(commentsIdentifier); d.head.appendChild(s); } else { commentsDiv.appendChild(d.createTextNode(\"Comments are disabled for this page at the moment.\")); } })(window, document); }), false); })(); Apache Tomcat 8 Version 8.0.37, Sep 1 2016LinksDocs HomeFAQUser CommentsUser Guide1) Introduction2) Setup3) First webapp4) Deployer5) Manager6) Realms and AAA7) Security Manager8) JNDI Resources9) JDBC DataSources10) Classloading11) JSPs12) SSL/TLS13) SSI14) CGI15) Proxy Support16) MBeans Descriptors17) Default Servlet18) Clustering19) Load Balancer20) Connectors21) Monitoring and Management22) Logging23) APR/Native24) Virtual Hosting25) Advanced IO26) Additional Components27) Mavenized28) Security Considerations29) Windows Service30) Windows Authentication31) Tomcat's JDBC Pool32) WebSocket33) RewriteReferenceRelease NotesConfigurationTomcat JavadocsServlet JavadocsJSP 2.3 JavadocsEL 3.0 JavadocsWebSocket 1.1 JavadocsJK 1.2 DocumentationApache Tomcat DevelopmentBuildingChangelogStatusDevelopersArchitectureFunctional Specs.TribesSSI How ToTable of ContentsIntroductionInstallationServlet ConfigurationFilter ConfigurationDirectivesVariablesIntroductionSSI (Server Side Includes) are directives that are placed in HTML pages,and evaluated on the server while the pages are being served. They let youadd dynamically generated content to an existing HTML page, without havingto serve the entire page via a CGI program, or other dynamic technology.Within Tomcat SSI support can be added when using Tomcat as yourHTTP server and you require SSI support. Typically this is doneduring development when you don't want to run a web server like Apache.Tomcat SSI support implements the same SSI directives as Apache. See theApache Introduction to SSI for information on using SSI directives.SSI support is available as a servlet and as a filter. You should use oneor the other to provide SSI support but not both.Servlet based SSI support is implemented using the classorg.apache.catalina.ssi.SSIServlet. Traditionally, this servletis mapped to the URL pattern \"*.shtml\".Filter based SSI support is implemented using the classorg.apache.catalina.ssi.SSIFilter. Traditionally, this filteris mapped to the URL pattern \"*.shtml\", though it can be mapped to \"*\" asit will selectively enable/disable SSI processing based on mime types. ThecontentType init param allows you to apply SSI processing to JSP pages,javascript, or any other content you wish.By default SSI support is disabled in Tomcat.InstallationCAUTION - SSI directives can be used to execute programsexternal to the Tomcat JVM. If you are using the Java SecurityManager thiswill bypass your security policy configuration in catalina.policy.To use the SSI servlet, remove the XML comments from around the SSI servletand servlet-mapping configuration in$CATALINA_BASE/conf/web.xml.To use the SSI filter, remove the XML comments from around the SSI filterand filter-mapping configuration in$CATALINA_BASE/conf/web.xml.Only Contexts which are marked as privileged may use SSI features (see theprivileged property of the Context element).Servlet ConfigurationThere are several servlet init parameters which can be used toconfigure the behaviour of the SSI servlet.buffered - Should output from this servlet be buffered?(0=false, 1=true) Default 0 (false).debug - Debugging detail level for messages loggedby this servlet. Default 0.expires - The number of seconds before a page with SSIdirectives will expire. Default behaviour is for all SSI directives to beevaluated for every request.isVirtualWebappRelative - Should \"virtual\" SSI directivepaths be interpreted as relative to the context root, instead of the serverroot? Default false.inputEncoding - The encoding to be assumed for SSIresources if one cannot be determined from the resource itself. Default isthe default platform encoding.outputEncoding - The encoding to be used for the resultof the SSI processing. Default is UTF-8.allowExec - Is the exec command enabled? Default isfalse.Filter ConfigurationThere are several filter init parameters which can be used toconfigure the behaviour of the SSI filter.contentType - A regex pattern that must be matched beforeSSI processing is applied. When crafting your own pattern, don't forget that amime content type may be followed by an optional character set in the form\"mime/type; charset=set\" that you must take into account. Default is\"text/x-server-parsed-html(;.*)?\".debug - Debugging detail level for messages loggedby this servlet. Default 0.expires - The number of seconds before a page with SSIdirectives will expire. Default behaviour is for all SSI directives to beevaluated for every request.isVirtualWebappRelative - Should \"virtual\" SSI directivepaths be interpreted as relative to the context root, instead of the serverroot? Default false.allowExec - Is the exec command enabled? Default isfalse.DirectivesServer Side Includes are invoked by embedding SSI directives in an HTML document whose type will be processed by the SSI servlet. The directives take the form of an HTML comment. The directive is replaced by the results of interpreting it before sending the page to the client. The general form of a directive is: <!--#directive [parm=value] -->The directives are:config - <!--#config timefmt=\"%B %Y\" -->Used to set the format of dates and other items processed by SSIecho - <!--#echo var=\"VARIABLE_NAME\" -->will be replaced by the value of the variable.exec - Used to run commands on the host system.include - <!--#include virtual=\"file-name\" -->inserts the contentsflastmod - <!--#flastmod file=\"filename.shtml\" -->Returns the time that a file was lost modified.fsize - <!--#fsize file=\"filename.shtml\" -->Returns the size of a file.printenv - <!--#printenv -->Returns the list of all the defined variables.set - <!--#set var=\"foo\" value=\"Bar\" -->is used to assign a value to a user-defined variable.if elif endif", - "zap_reference": "http://blogs.wsj.com/cio/2013/10/08/adobe-source-code-leak-is-bad-news-for-u-s-government/", - "zap_cweid": "540", - "zap_wascid": "13", - "zap_riskcode": "2", - "zap_pluginid": "10099", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.demo-targets.svc:8080/docs/ssi-howto.html", - "method": "GET", - "evidence": "if (!thisScript) { // Workaround for IE <= 11\n var scripts = document.getElementsByTagName(\"script\");\n thisScript = scripts[scripts.length - 1];\n }\n document.addEventListener(\"DOMContentLoaded\", (function() {\n var commentsDiv = document.getElementById(\"comments_thread\");\n var commentsShortname = \"tomcat\";\n var commentsIdentifier = \"http://tomcat.apache.org/\" +\n thisScript.getAttribute(\"data-comments-identifier\") + \".html\";\n\n (function(w, d) {\n if (w.location.hostname.toLowerCase() == \"tomcat.apache.org\") {\n var s = d.createElement(\"script\");\n s.type = \"application/javascript\";\n s.async = true;\n s.src = \"https://comments.apache.org/show_comments.lua?site=\" +\n encodeURIComponent(commentsShortname) +\n \"&page=\" + encodeURIComponent(commentsIdentifier);\n d.head.appendChild(s);\n } else {\n commentsDiv.appendChild(d.createTextNode(\"Comments are disabled for this page at the moment.\"));\n }\n })(window, document);\n }), false);\n })();\n

Apache Tomcat 8

\n Version 8.0.37,\n

SSI How To

Table of Contents

\n\n

Introduction

\n\n

SSI (Server Side Includes) are directives that are placed in HTML pages,\nand evaluated on the server while the pages are being served. They let you\nadd dynamically generated content to an existing HTML page, without having\nto serve the entire page via a CGI program, or other dynamic technology.\n

\n\n

Within Tomcat SSI support can be added when using Tomcat as your\nHTTP server and you require SSI support. Typically this is done\nduring development when you don't want to run a web server like Apache.

\n\n

Tomcat SSI support implements the same SSI directives as Apache. See the\n\nApache Introduction to SSI for information on using SSI directives.

\n\n

SSI support is available as a servlet and as a filter. You should use one\nor the other to provide SSI support but not both.

\n\n

Servlet based SSI support is implemented using the class\norg.apache.catalina.ssi.SSIServlet. Traditionally, this servlet\nis mapped to the URL pattern \"*.shtml\".

\n\n

Filter based SSI support is implemented using the class\norg.apache.catalina.ssi.SSIFilter. Traditionally, this filter\nis mapped to the URL pattern \"*.shtml\", though it can be mapped to \"*\" as\nit will selectively enable/disable SSI processing based on mime types. The\ncontentType init param allows you to apply SSI processing to JSP pages,\njavascript, or any other content you wish.

\n

By default SSI support is disabled in Tomcat.

\n

Installation

\n\n

CAUTION - SSI directives can be used to execute programs\nexternal to the Tomcat JVM. If you are using the Java SecurityManager this\nwill bypass your security policy configuration in catalina.policy.\n

\n\n

To use the SSI servlet, remove the XML comments from around the SSI servlet\nand servlet-mapping configuration in\n$CATALINA_BASE/conf/web.xml.

\n\n

To use the SSI filter, remove the XML comments from around the SSI filter\nand filter-mapping configuration in\n$CATALINA_BASE/conf/web.xml.

\n\n

Only Contexts which are marked as privileged may use SSI features (see the\nprivileged property of the Context element).

\n\n

Servlet Configuration

\n\n

There are several servlet init parameters which can be used to\nconfigure the behaviour of the SSI servlet.

\n
    \n
  • buffered - Should output from this servlet be buffered?\n(0=false, 1=true) Default 0 (false).
    • \n
  • debug - Debugging detail level for messages logged\nby this servlet. Default 0.
    • \n
  • expires - The number of seconds before a page with SSI\ndirectives will expire. Default behaviour is for all SSI directives to be\nevaluated for every request.
    • \n
  • isVirtualWebappRelative - Should \"virtual\" SSI directive\npaths be interpreted as relative to the context root, instead of the server\nroot? Default false.
    • \n
  • inputEncoding - The encoding to be assumed for SSI\nresources if one cannot be determined from the resource itself. Default is\nthe default platform encoding.
    • \n
  • outputEncoding - The encoding to be used for the result\nof the SSI processing. Default is UTF-8.
    • \n
  • allowExec - Is the exec command enabled? Default is\nfalse.
    • \n
\n\n\n

Filter Configuration

\n\n

There are several filter init parameters which can be used to\nconfigure the behaviour of the SSI filter.

\n
    \n
  • contentType - A regex pattern that must be matched before\nSSI processing is applied. When crafting your own pattern, don't forget that a\nmime content type may be followed by an optional character set in the form\n\"mime/type; charset=set\" that you must take into account. Default is\n\"text/x-server-parsed-html(;.*)?\".
    • \n
  • debug - Debugging detail level for messages logged\nby this servlet. Default 0.
    • \n
  • expires - The number of seconds before a page with SSI\ndirectives will expire. Default behaviour is for all SSI directives to be\nevaluated for every request.
    • \n
  • isVirtualWebappRelative - Should \"virtual\" SSI directive\npaths be interpreted as relative to the context root, instead of the server\nroot? Default false.
    • \n
  • allowExec - Is the exec command enabled? Default is\nfalse.
    • \n
\n\n\n

Directives

\n

Server Side Includes are invoked by embedding SSI directives in an HTML document\n whose type will be processed by the SSI servlet. The directives take the form of an HTML\n comment. The directive is replaced by the results of interpreting it before sending the\n page to the client. The general form of a directive is:

\n

<!--#directive [parm=value] -->

\n

The directives are:

\n